pkg:Maven/org.springframework.kafka:spring-kafka
3 total CVEsHIGH2MEDIUM1
✅ Check your installed version
All known vulnerabilities
HIGH8.1CVE-2026-41731In Spring for Apache Kafka, overly broad trusted-package matching in header mappers exposes JDK classes to deserialization >= 4.0.0, < 4.0.6
HIGH7.8CVE-2023-34040Spring-Kafka has Java Deserialization vulnerability When Improperly Configured >= 2.8.1, < 2.9.11
MEDIUM6.5CVE-2026-41726In Spring for Apache Kafka, unbounded delegate cache keyed on user-controlled, potentially malicious selector header >= 4.0.0, < 4.0.6