HIGH
strimzi
CVE published 2026-02-21
CVE-2026-27134
The Strimzi Kafka Operator is vulnerable to an mTLS authentication bypass due to incorrect configuration of trusted certificates for mTLS authentication on internal and user-configured listeners. This issue affects users with a custom Cluster or Clients CA with a multistage CA chain consisting of multiple CAs. The vulnerability has been fixed in version 0.50.1. Users can work around this issue by providin [truncated]