- Description: Kafbat UI is a web user interface for managing Apache Kafka clusters. An unsafe deserialization vulnerability in version 1.0.0 allows any unauthenticated user to execute arbitrary code on the server. Version 1.1.0 fixes the issue.
- Source: security-advisories@github.com
- NVD status: Awaiting Analysis
CVSS 4.0
- Type: Secondary
- Base score: 8.9
- Impact score: -
- Exploitability score: -
- Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity: HIGH
- security-advisories@github.com: CWE-502
- Hype score: Not currently trending
CVE-2025-49127: Kafbat UI Remote Code Execution via JMX Unsafe Deserialization https://t.co/1AOKDlsBM3
@Dinosn
14 Jul 2025
CVE-2025-49127: Unauthenticated Remote Code Execution in Kafbat UI v1.0.0 Exploitable via unsafe deserialization. Upgrade to v1.1.0 ASAP. Full details: https://t.co/RK0sB8ACHp
@Valko_CybrWolf
7 Jun 2025
High severity alert: CVE-2025-49127 lets unauthenticated users run code via kafbat kafka-ui 1.0.0. Update now! Details: https://t.co/5uH7HOmhdv #OffSeq #CVE202549127 #kafka #infosec #cybersecurity https://t.co/GrzFpreri8
@offseq
7 Jun 2025
CVE-2025-49127 Unauthenticated Remote Code Execution in Kafbat UI Version 1.0.0 https://t.co/mwKJYFtxVe
@VulmonFeeds
7 Jun 2025
CVE-2025-49127 Kafbat UI is a web user interface for managing Apache Kafka clusters. An unsafe deserialization vulnerability in version 1.0.0 allows any unauthenticated user to exec… https://t.co/WJ0IluUg9H
@CVEnew
6 Jun 2025