CVE-2025-59792 – Apache Kvrocks: MONITOR command reveals plaintext credentials to non-admins

CVE ID : CVE-2025-59792

Published : Nov. 28, 2025, 3:16 p.m. | 1 hour, 8 minutes ago

Description : Reveals plaintext credentials in the MONITOR command vulnerability in Apache Kvrocks.

This issue affects Apache Kvrocks: from 1.0.0 through 2.13.0.

Users are recommended to upgrade to version 2.14.0, which fixes the issue.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-12183 – org.lz4:lz4-java – Out-of-Bounds Memory Access

CVE-2025-59790 – Apache Kvrocks: RESET command grants admin privileges

CVE-2025-51736 – HCL Unica File Upload Remote Code Execution Vulnerability

CVE-2025-51735 – HCL Technologies Ltd. Unica CSV Formula Injection Vulnerability