{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-15T12:10:51.780","vulnerabilities":[{"cve":{"id":"CVE-2026-27133","sourceIdentifier":"security-advisories@github.com","published":"2026-02-20T23:16:02.933","lastModified":"2026-02-27T21:48:29.913","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 to before 0.50.1, when a chain consisting of multiple CA (Certificate Authority) certificates is used in the trusted certificates configuration of a Kafka Connect operand or of the target cluster in the Kafka MirrorMaker 2 operand, all of the certificates that are part of the CA chain will be trusted individually when connecting to the Apache Kafka cluster. Due to this error, the affected operand (Kafka Connect or Kafka MirrorMaker 2) might accept connections to Kafka brokers using server certificates signed by one of the other CAs in the CA chain and not just by the last CA in the chain. This issue is fixed in Strimzi 0.50.1."},{"lang":"es","value":"Strimzi proporciona una forma de ejecutar un clúster de Apache Kafka en Kubernetes u OpenShift en varias configuraciones de despliegue. Desde la versión 0.47.0 hasta antes de la 0.50.1, cuando se utiliza una cadena que consta de múltiples certificados de CA (Autoridad de Certificación) en la configuración de certificados de confianza de un operando de Kafka Connect o del clúster de destino en el operando de Kafka MirrorMaker 2, todos los certificados que forman parte de la cadena de CA serán confiados individualmente al conectarse al clúster de Apache Kafka. Debido a este error, el operando afectado (Kafka Connect o Kafka MirrorMaker 2) podría aceptar conexiones a brokers de Kafka utilizando certificados de servidor firmados por una de las otras CA en la cadena de CA y no solo por la última CA de la cadena. Este problema está solucionado en Strimzi 0.50.1."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.7,"impactScore":5.2}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-295"},{"lang":"en","value":"CWE-296"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:strimzi:*:*:*:*:*:*:*:*","versionStartIncluding":"0.47.0","versionEndExcluding":"0.50.1","matchCriteriaId":"D78C87B5-B3CA-4A0A-97B5-24F6CBDD092F"}]}]}],"references":[{"url":"https://github.com/strimzi/strimzi-kafka-operator/releases/tag/0.50.1","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/strimzi/strimzi-kafka-operator/security/advisories/GHSA-6x85-j2f7-4xc5","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}