CYBERSIXT Signal Over Noise
securityonline.info 6/25/2026, 10:11:48 AM · external

Apache Kvrocks Vulnerabilities Fix Five Severe Flaws

Apache Kvrocks Vulnerabilities Fix Five Severe Flaws
CyberSIXT Evidence Panel
CVE Intel
CVE-2026-46752 - NVD Not in KEV 10 CRITICAL Patch Unknown
CVE-2026-41566 - NVD Not in KEV 9.4 CRITICAL Patch Unknown
CISA KEV Not in KEV
Patch Patch Status Unknown

THE article discusses critical vulnerabilities in Apache Kvrocks, a distributed NoSQL database. Two main vulnerabilities have been identified: CVE-2026-46752 (stack buffer overflow) with a CVSS score of 10, and CVE-2026-41566 (improper permissions) with a CVSS score of 9.4. Both vulnerabilities have not been exploited yet. Users are urged to update to version 2.16.0 to mitigate risks. The vulnerabilities could allow attackers to crash servers or run arbitrary code. Affected versions range from 1.0.0 to 2.15.0. Security updates have been released by Apache Software Foundation to address these issues.

View full article

Article by CyberSIXT