CVE-2026-45080

Published: Giu 02, 2026 Last Modified: Giu 02, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,9

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, improper access control allows disclosure of password hash. This issue has been patched in version 2.10.4.

200

Exposure of Sensitive Information to an Unauthorized Actor

Draft

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality

Potential Impacts:

Read Application Data

Applicable Platforms

Technologies: Not Technology-Specific, Web Based, Mobile

Likelihood of Exploit: High

View CWE Details

284

Improper Access Control

Incomplete

Abstraction: Pillar Structure: Simple

Common Consequences

Security Scopes Affected:

Other

Potential Impacts:

Varies By Context

Applicable Platforms

Technologies: Not Technology-Specific, ICS/OT, Web Based

View CWE Details

https://github.com/Aiven-Open/klaw/releases/tag/v2.10.4

https://github.com/Aiven-Open/klaw/security/advisories/GHSA…

https://github.com/Aiven-Open/klaw/security/advisories/GHSA-v7m7-fr8v-hpx2

CVE-2026-45080

Description

Exposure of Sensitive Information to an Unauthorized Actor

Common Consequences

Applicable Platforms

Improper Access Control

Common Consequences

Applicable Platforms

Iscriviti alla newsletter