Kafbat UI Vulnerabilities Allow Arbitrary Code Execution via JMX Services

A critical security vulnerability has been discovered in Kafbat UI, a popular web-based interface for managing Apache Kafka clusters, allowing unauthenticated attackers to execute arbitrary code on affected systems through unsafe deserialization attacks. Critical Vulnerability Details The vulnerability, designated as CVE-2025-49127, affects Kafbat UI version 1.0.0 and stems from the application’s dynamic cluster configuration functionality […]

The post Kafbat UI Vulnerabilities Allow Arbitrary Code Execution via JMX Services appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.