Provectus

provectus

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-5562 1Provectus 1Ui Apr 30, 2026 Apr 5, 2026 5.5 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was identified in provectus kafka-ui up to 0.7.2. This impacts the function validateAccess of the file /api/smartfilters/testexecutions of the component Endpoint. The manipulation leads to code injection....Show more A vulnerability was identified in provectus kafka-ui up to 0.7.2. This impacts the function validateAccess of the file /api/smartfilters/testexecutions of the component Endpoint. The manipulation leads to code injection. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2023-52251 1Provectus 1Ui Jun 17, 2026 Jan 25, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2026-5562

1Provectus

1Ui

Apr 30, 2026

Apr 5, 2026

5.5 MEDIUM· v4

9.8 CRITICAL· v3

7.5 HIGH· v2

A vulnerability was identified in provectus kafka-ui up to 0.7.2. This impacts the function validateAccess of the file /api/smartfilters/testexecutions of the component Endpoint. The manipulation leads to code injection. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less

CVE-2023-52251

1Provectus

1Ui

Jun 17, 2026

Jan 25, 2024

N/A· v4

8.8 HIGH· v3

N/A· v2

An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages.