CVE-2025-27821
Published Jan 26, 2026
Last updated 5 hours ago
AI description
CVE-2025-27821 describes an out-of-bounds write vulnerability found in the Apache Hadoop HDFS native client. This flaw specifically resides within the URI parser component of the client. It affects Apache Hadoop versions 3.2.0 through 3.4.1. The vulnerability allows for data to be written beyond the intended memory boundaries when the HDFS native client processes specially crafted Uniform Resource Identifiers (URIs). This memory corruption can lead to unpredictable system behavior, including application crashes or data corruption. The issue was reported by security researcher BUI Ngoc Tan, and Apache has addressed it in version 3.4.2.
- Description
- Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.
- Source
- security@apache.org
- NVD status
- Awaiting Analysis
- security@apache.org
- CWE-787
- Hype score
- Not currently trending
CYBERDUDEBIVASH® PREMIUM INTEL: CVE-2025-27821 Hadoop HDFS Memory Corruption Read the full report on - https://t.co/dOT4dHTKKF https://t.co/y4TDTspkV7
@cyberbivash
26 Jan 2026
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Apache Hadoop HDFS Flaw Can Crash Clusters or Corrupt Data via Crafted URIs (CVE-2025-27821) A vulnerability in the HDFS native client URI parser (CVE-2025-27821) affects Hadoop 3.2.0–3.4.1 and can be triggered by maliciously crafted URIs to cause denial-of-service crashes
@ThreatSynop
26 Jan 2026
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-27821 Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade t… https://t.co/W17CY5DXh6
@CVEnew
26 Jan 2026
179 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Apache Hadoop HDFS Bug Lets Attackers Crash Services or Corrupt Data via Crafted URIs (CVE-2025-27821) A moderate-severity out-of-bounds write in the HDFS native client URI parser (Hadoop 3.2.0–3.4.1) can be triggered by maliciously crafted URIs to cause DoS crashes or cor
@ThreatSynop
26 Jan 2026
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 ثغرة في Apache Hadoop HDFS Client إصدار تحديث أمني لـ Apache Hadoop لمعالجة مشكلة Out-of-Bounds Write في عميل HDFS. هذه الثغرة، CVE-2025-27821، قد تسمح بتنفيذ تعليمات برمجية عن بعد. التأث
@MisbarSec
26 Jan 2026
64 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-27821: Apache Patches Out-of-Bounds Write Flaw in Hadoop HDFS Client https://t.co/0Euvu6OoHo
@Karma_X_Inc
25 Jan 2026
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache Hadoop HDFS native client flaw CVE-2025-27821 allows out-of-bounds writes. Update to v3.4.2 to prevent crashes and ensure data stability. #ApacheHadoop #HDFS #BigData #CyberSecurity #CVE202527821 #InfoSec #DataLake https://t.co/d90ED36xqd
@the_yellow_fall
25 Jan 2026
291 Impressions
1 Retweet
4 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-27821: Apache Hadoop HDFS native client: Out of bounds write in URI parser https://t.co/PrtMEjVccy
@oss_security
25 Jan 2026
682 Impressions
0 Retweets
6 Likes
3 Bookmarks
0 Replies
0 Quotes
CVE-2025-27821 CVE-2025-27821 https://t.co/yalZOHbEmQ
@VulmonFeeds
23 Jan 2026
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes