CVE-2026-41566

critical Apache
CVSS v3 Base Score
9.4
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/R:I/RE:M/U:Amber
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
P
Published: June 25, 2026 (14 days ago)
Last Modified: June 25, 2026
Vendor: Apache
Source: MITRE

Description

Improper Handling of Insufficient Permissions or Privileges vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: 2.8.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue.

CWE

CWE-280

Affected Products

Apache Software Foundation Apache Kvrocks

References