CNNVD-202602-1821 Information

CNNVD ID

CNNVD-202602-1821

Related CVE

CVE-2026-25999

• CNNVD Published: 2026-02-11

Description (Chinese)

Klaw是Aiven Open开源的一个操作系统工具。 Klaw 2.10.2之前版本存在授权问题漏洞，该漏洞源于访问控制不当，可能导致未经授权的用户触发重置或删除任何租户的元数据。

Description (English)

Klaw is an operating system tool for the Open Open Source. Prior to Klaw 2.10.2, there was a mandate gap, which stemmed from inadequate access controls and could lead to unauthorized users triggering the reset or deletion of metadata from any tenant.

Vulnerability Type

授权问题

Affected Vendor

Aiven Open

Published

2026-02-11

Last Modified

2026-02-24

References

https://github.com/Aiven-Open/klaw/commit/617ed96b1db111ed498d89132321bf39f486e3a1 https://github.com/Aiven-Open/klaw/releases/tag/v2.10.2 https://github.com/Aiven-Open/klaw/security/advisories/GHSA-rp26-qv9w-xr5q

Patch

https://github.com/Aiven-Open/klaw/releases