{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25999", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-02-09T17:41:55.859Z", "datePublished": "2026-02-11T21:00:30.271Z", "dateUpdated": "2026-02-12T21:21:30.163Z"}, "containers": {"cna": {"title": "Klaw has an improper authorisation check on /resetMemoryCache", "problemTypes": [{"descriptions": [{"cweId": "CWE-285", "lang": "en", "description": "CWE-285: Improper Authorization", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/Aiven-Open/klaw/security/advisories/GHSA-rp26-qv9w-xr5q", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/Aiven-Open/klaw/security/advisories/GHSA-rp26-qv9w-xr5q"}, {"name": "https://github.com/Aiven-Open/klaw/commit/617ed96b1db111ed498d89132321bf39f486e3a1", "tags": ["x_refsource_MISC"], "url": "https://github.com/Aiven-Open/klaw/commit/617ed96b1db111ed498d89132321bf39f486e3a1"}, {"name": "https://github.com/Aiven-Open/klaw/releases/tag/v2.10.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/Aiven-Open/klaw/releases/tag/v2.10.2"}], "affected": [{"vendor": "Aiven-Open", "product": "klaw", "versions": [{"version": "< 2.10.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-11T21:00:30.271Z"}, "descriptions": [{"lang": "en", "value": "Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to 2.10.2, there is an improper access control vulnerability that allows unauthorized users to trigger a reset or deletion of metadata for any tenant. By sending a crafted request to the /resetMemoryCache endpoint, an attacker can clear cached configurations, environments, and cluster data. This vulnerability is fixed in 2.10.2."}], "source": {"advisory": "GHSA-rp26-qv9w-xr5q", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-12T21:21:21.318253Z", "id": "CVE-2026-25999", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-12T21:21:30.163Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25999", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-12T21:21:21.318253Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-12T21:21:27.263Z"}}], "cna": {"title": "Klaw has an improper authorisation check on /resetMemoryCache", "source": {"advisory": "GHSA-rp26-qv9w-xr5q", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Aiven-Open", "product": "klaw", "versions": [{"status": "affected", "version": "< 2.10.2"}]}], "references": [{"url": "https://github.com/Aiven-Open/klaw/security/advisories/GHSA-rp26-qv9w-xr5q", "name": "https://github.com/Aiven-Open/klaw/security/advisories/GHSA-rp26-qv9w-xr5q", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/Aiven-Open/klaw/commit/617ed96b1db111ed498d89132321bf39f486e3a1", "name": "https://github.com/Aiven-Open/klaw/commit/617ed96b1db111ed498d89132321bf39f486e3a1", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/Aiven-Open/klaw/releases/tag/v2.10.2", "name": "https://github.com/Aiven-Open/klaw/releases/tag/v2.10.2", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to 2.10.2, there is an improper access control vulnerability that allows unauthorized users to trigger a reset or deletion of metadata for any tenant. By sending a crafted request to the /resetMemoryCache endpoint, an attacker can clear cached configurations, environments, and cluster data. This vulnerability is fixed in 2.10.2."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-285", "description": "CWE-285: Improper Authorization"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-11T21:00:30.271Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25999", "state": "PUBLISHED", "dateUpdated": "2026-02-12T21:21:30.163Z", "dateReserved": "2026-02-09T17:41:55.859Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-02-11T21:00:30.271Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:aiven:klaw:*:*:*:*:*:*:*:*", "matchCriteriaId": "80AFF9B7-33B4-4D2B-A37A-0E0EBD9F1584", "versionEndExcluding": "2.10.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to 2.10.2, there is an improper access control vulnerability that allows unauthorized users to trigger a reset or deletion of metadata for any tenant. By sending a crafted request to the /resetMemoryCache endpoint, an attacker can clear cached configurations, environments, and cluster data. This vulnerability is fixed in 2.10.2."}], "id": "CVE-2026-25999", "lastModified": "2026-02-26T23:25:10.173", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.2, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-11T21:16:20.963", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/Aiven-Open/klaw/commit/617ed96b1db111ed498d89132321bf39f486e3a1"}, {"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/Aiven-Open/klaw/releases/tag/v2.10.2"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/Aiven-Open/klaw/security/advisories/GHSA-rp26-qv9w-xr5q"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-285"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.10.2)"}}], "product": "klaw", "vendor": "aiven-open"}], "analysis": {"en": {"generated_at": "2026-04-18T12:37:19.257705+00:00", "value": {"mitigation_remediation": ["Upgrade Klaw to version 2.10.2 or later", "Restrict access to the /resetMemoryCache endpoint with network controls such as a firewall or IP whitelisting", "Enforce authentication and authorization on the /resetMemoryCache endpoint, ensuring only privileged users can trigger a reset"], "summary": {"action": "Patch Now", "impact": "Authentication bypass permits arbitrary reset of tenant metadata"}, "threat_synthesis": {"affected_systems": "The issue affects all instances of Aiven\u2011Open Klaw older than version 2.10.2. Version 2.10.2 and later contain the fix, so any deployment running 2.10.1 or earlier is considered vulnerable.", "description_and_impact": "An improper authorization check on the /resetMemoryCache endpoint allows unauthenticated users to clear cached configurations, environments, and cluster data for any tenant. This can lead to loss of critical metadata, service disruption, and potential exposure of sensitive configuration details. The vulnerability is a remote flaw that could be exploited by sending a crafted request to the exposed API.", "risk_and_exploitability": "With a CVSS score of 7.1 and an EPSS of less than 1\u202f%, the technical severity is moderate while the likelihood of exploitation is considered low. The vulnerability is not listed in the CISA KEV catalog, indicating no known public exploitation. A malicious actor can trigger the reset simply by accessing the endpoint, so the attack vector is network\u2011based and does not require privileged credentials. The impact is the ability to disrupt tenant services and erase cached state without authorization."}}}}, "created": "2026-02-12T09:03:15.783588+00:00", "updated": "2026-04-18T12:45:45.668418+00:00", "vendors": ["aiven-open", "aiven-open$PRODUCT$klaw"]}