CNNVD-202510-1763 Information

CNNVD ID

CNNVD-202510-1763

CVE-2025-60537

  • CNNVD Published: 2025-10-14

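Description (translated from Chinese)

UI for Apache Kafka is an open-source front-end interface for Kafka from Provectus. UI for Apache Kafka versions v0.6.0 through v0.7.2 contain a security vulnerability that stems from improper input validation in the component /kafka/ui/serdes/CustomSerdeLoader.java and may lead to arbitrary code execution.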

Description (English)

UI for Apache Kafka is an open-source front-end interface for Kafka from Provectus. UI for Apache Kafka v0.6.0 to v0.7.2 has a security vulnerability caused by improper input validation in the component /kafka/ui/serdes/CustomSerdeLoader.java, which could lead to arbitrary code execution.

Hazard Level

High

Vulnerability Type

Other

Affected Vendor

Provectus

Published

2025-10-14

Last Modified

2026-02-24

References

https://github.com/provectus/kafka-ui
https://github.com/provectus/kafka-ui/blob/v0.7.2/kafka-ui-api/src/main/java/com/provectus/kafka/ui/serdes/CustomSerdeLoader.java
https://github.com/vityuasd/VulList/blob/main/CVE-2025-60537.md
https://access.redhat.com/security/cve/cve-2025-60537
