6.5

CVE-2026-41727

In Spring for Apache Kafka, forged retry topic headers subvert retry routing and backoff behavior

Spring Kafka's retry topic infrastructure did not sufficiently validate user-controlled header values before acting on them. A producer could send a record with a crafted retry_topic-attempts header to supply an out-of-range attempt count and cause the retry topic router to misidentify where the message was in the retry sequence.

Affected versions:
Spring for Apache Kafka 4.0.0 through 4.0.5; 3.3.0 through 3.3.15; 3.2.0 through 3.2.13; 2.9.0 through 2.9.13; 2.8.0 through 2.8.11.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VMwareSpring For Apache Kafka Version >= 2.8.0 <= 2.8.11
VMwareSpring For Apache Kafka Version >= 2.9.0 <= 2.9.13
VMwareSpring For Apache Kafka Version >= 3.2.0 <= 3.2.13
VMwareSpring For Apache Kafka Version >= 3.3.0 <= 3.3.15
VMwareSpring For Apache Kafka Version >= 4.0.0 <= 4.0.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.149
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
security@vmware.com 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.