What is the CVSS score of CVE-2026-27133?

CVE-2026-27133 has a CVSS 3.1 base score of 5.9 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N. EPSS exploitation probability: 0.0%.

Which versions of Kubernetes are affected by CVE-2026-27133?

Organizations using various deployment configurations. From 0.47.0 to should be aware of moderate risk from CVE-2026-27133 rated CVSS 5.9.

Kubernetes CVE-2026-27133

MEDIUM

Improper Certificate Validation (CWE-295)

2026-02-20 security-advisories@github.com

Apache Kubernetes Red Hat Strimzi

5.9

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:04 vuln.today

CVE Published

Feb 20, 2026 - 23:16 nvd

MEDIUM 5.9

DescriptionNVD

Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 to before 0.50.1, when a chain consisting of multiple CA (Certificate Authority) certificates is used in the trusted certificates configuration of a Kafka Connect operand or of the target cluster in the Kafka MirrorMaker 2 operand, all of the certificates that are part of the CA chain will be trusted individually when connecting to the Apache Kafka cluster. Due to this error, the affected operand (Kafka Connect or Kafka MirrorMaker 2) might accept connections to Kafka brokers using server certificates signed by one of the other CAs in the CA chain and not just by the last CA in the chain. This issue is fixed in Strimzi 0.50.1.

AnalysisAI

Strimzi versions 0.47.0 through 0.50.0 improperly trust all certificates in a CA chain rather than only the intended signing authority, allowing Kafka Connect and MirrorMaker 2 operands to accept connections from brokers with certificates signed by intermediate CAs. An attacker could leverage this improper certificate validation to establish unauthorized connections to Kafka clusters using alternate CA-signed certificates from the trusted chain. …

RemediationAI

Within 30 days: Identify affected systems running various deployment configurations. From 0.47.0 to and apply vendor patches as part of regular patch cycle. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2025-48977 HIGH This Week

8.5 May 28

Path traversal in Apache Ignite 2.0.0 through 2.17.0 lets authenticated REST API users read arbitrary files on the serve

CVE-2026-9277 HIGH This Week

8.1 May 22

Command injection in the shell-quote npm package allows attackers who can influence object-token inputs to inject arbitr

CVE-2026-9256 HIGH This Week

8.1 May 22

Heap buffer overflow in NGINX Plus and NGINX Open Source ngx_http_rewrite_module allows unauthenticated remote attackers

CVE-2026-42782 HIGH This Week

7.2 May 25

Code execution via Groovy sandbox bypass in Apache Syncope 3.0 through 3.0.16, 4.0 through 4.0.5, and 4.1.0 allows a hig

CVE-2026-43827 MEDIUM This Month

5.9 May 25

Default configurations of Apache Shiro have a session fixation vulnerability. This issue affects Apache Shiro from 1.0

Vendor StatusVendor

CVE-2026-27133 vulnerability details – vuln.today

Back

Kubernetes CVE-2026-27133

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Vendor StatusVendor

Share

External POC / Exploit Code