Known Vulnerabilities for Apache ZooKeeper by Apache Software Foundation
Listed below are 3 of the newest known vulnerabilities associated with "Apache ZooKeeper" by "Apache Software Foundation".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40557 json | Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter Versions Affected: fro... | Not Provided | 2026-04-27 | 2026-04-30 |
| CVE-2026-24308 json | Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker... | Not Provided | 2026-03-07 | 2026-07-03 |
| CVE-2026-24281 json | Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS (PTR) when IP SAN validation fails, allowi... | Not Provided | 2026-03-07 | 2026-07-03 |