CVE lookup
CVE-2026-33557
Pruva has a verified reproduction for CVE-2026-33557: Apache Kafka SASL/OAUTHBEARER accepts unvalidated JWTs. The canonical evidence record is REPRO-2026-00281.
REPRO
REPRO-2026-00281
Package
Apache Kafka · maven
Severity
CRITICAL
Status
published