Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2025-27817
Severity: 7.5 (High)
EPSS: 20.5% (top 4.45%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC code exists)
Affected products:
Timeline: Published Jun 10; latest update Jan 15
Description
A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting up the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url". Apache Kafka allows clients to read an arbitrary file and return its content in the error log, or to send requests to an unintended location. In applications where Apache Kafka Clients configurations can…
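The two configuration keys named above are the whole attack surface: when an untrusted party can supply client configuration (Kafka Connect connector configs submitted over its REST API are the canonical case, including client overrides prefixed with "producer.override." or "consumer.override."), a file:// value turns the OAuth metadata fetch into a file read whose content lands in the error log, and an http(s) value pointing at an internal address becomes an SSRF. The Python below is an added example, not code from this page or from Apache Kafka: a config-admission check that rejects any value for these keys unless it is an https URL whose origin is on an explicit allow-list. The function names, the allow-list and the sample configs are constructed for illustration. Upgrading to a fixed Kafka release remains the actual remediation; this check is for the boundary where configs are accepted from others.

```python
from urllib.parse import urlsplit

# The two client properties named in the advisory. In Kafka Connect they may also
# arrive with a prefix such as "producer.override." in a connector config, so the
# check matches on the key suffix rather than on the exact key only.
OAUTHBEARER_URL_KEYS = (
    "sasl.oauthbearer.token.endpoint.url",
    "sasl.oauthbearer.jwks.endpoint.url",
)

# Constructed allow-list (assumption): the identity-provider origins this deployment trusts.
ALLOWED_ORIGINS = frozenset({"https://idp.example.com", "https://idp.example.com:8443"})


def is_oauthbearer_url_key(key):
    """True if key is one of the URL properties, with or without a Connect override prefix."""
    return any(key == k or key.endswith("." + k) for k in OAUTHBEARER_URL_KEYS)


def check_oauthbearer_urls(config, allowed_origins=ALLOWED_ORIGINS):
    """Return a list of (key, reason) for every URL value that must be rejected.

    Policy: the value must parse as an https URL and its origin (scheme://netloc)
    must be on the allow-list. Anything else (file://, http://, jar:, a bare path,
    an unknown or internal host) is rejected before the config reaches a Kafka client.
    """
    findings = []
    for key, value in config.items():
        if not is_oauthbearer_url_key(key):
            continue
        if not isinstance(value, str) or not value.strip():
            findings.append((key, "empty or non-string value"))
            continue
        parts = urlsplit(value.strip())
        scheme = parts.scheme.lower()
        if scheme != "https":
            findings.append((key, f"scheme {scheme or '(none)'!r} not allowed, only https"))
            continue
        if not parts.hostname:
            findings.append((key, "no host in URL"))
            continue
        # Compare the full netloc, not just hostname: "https://idp.example.com@evil.example/"
        # has hostname evil.example and must not match the allow-listed idp origin.
        origin = f"https://{parts.netloc.lower()}"
        if origin not in allowed_origins:
            findings.append((key, f"origin {origin} not on allow-list"))
    return findings


# Constructed sample connector configs (not real deployments).
SAMPLE_CONFIGS = {
    "file-read": {  # the arbitrary-file-read shape described in the advisory
        "sasl.mechanism": "OAUTHBEARER",
        "sasl.oauthbearer.token.endpoint.url": "file:///etc/passwd",
    },
    "ssrf": {  # request to an internal address, supplied via a Connect producer override
        "producer.override.sasl.oauthbearer.jwks.endpoint.url": "http://169.254.169.254/latest/meta-data/",
    },
    "legit": {
        "sasl.oauthbearer.token.endpoint.url": "https://idp.example.com/oauth2/token",
        "sasl.oauthbearer.jwks.endpoint.url": "https://idp.example.com:8443/.well-known/jwks.json",
    },
}


def audit(configs=SAMPLE_CONFIGS):
    """Map config name -> findings; an empty list means the config is admissible."""
    return {name: check_oauthbearer_urls(cfg) for name, cfg in configs.items()}


if __name__ == "__main__":
    for name, findings in audit().items():
        print(f"{name}: {'REJECT' if findings else 'ok'}")
        for key, reason in findings:
            print(f"  {key}: {reason}")
```

Run as a script it rejects the "file-read" and "ssrf" samples and admits "legit". The check deliberately compares the whole netloc against the allow-list rather than resolving hostnames, so userinfo tricks and port changes are caught without any network access; if your trust boundary is an IP range rather than a fixed set of hosts, resolve after this check, not instead of it.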
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (Exploitability: 3.9, Impact: 3.6)
Affected packages: 3 packages
Vulnerability details: OSV (4), GHSA
Exploits & PoCs: Nuclei (1): "Apache Kafka Client - Arbitrary File Read"
Vendor advisories: Oracle (4)
- Oracle Financial Services Applications Risk Matrix: Accessibility (Apache Kafka), CVE-2025-27817, 2026-01-15
- Oracle Communications Applications Risk Matrix: Platform (Apache Kafka), CVE-2025-27817, 2025-10-15
- Oracle Financial Services Applications Risk Matrix: Platform (Apache Kafka), CVE-2025-27817, 2025-07-15