2
0
2
0
Vulnerability Timeline
2 vulnerabilities discovered over time for Zookeeper
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-24308 | 7.5 | This vulnerability allows an attacker to access sensitive information from client configuration files that are improperly logged in Apache ZooKeeper, potentially exposing critical data in production environments. It affects versions 3.8.5 and 3.9.4, so users should upgrade to the latest versions to protect against this issue. | apachezookeeper | Exploit Available | about 1 month agoMar 7, 2026 |
| CVE-2026-24281 | 7.4 | This vulnerability allows attackers to impersonate ZooKeeper servers or clients by controlling or spoofing reverse DNS records, potentially tricking systems into trusting them. However, the attacker must also present a valid certificate that is recognized by the system, making it more challenging to exploit. | apachezookeeper | Exploit Available | about 1 month agoMar 7, 2026 |
About Apache Zookeeper Security
This page provides comprehensive security vulnerability tracking for Apache Zookeeper. Our database includes all CVEs affecting this product, updated in real-time from official sources.
Each vulnerability listing includes detailed CVSS severity analysis, exploit availability status, AI-generated explanations, and direct links to official security patches and vendor advisories.
Security Recommendations
- • Always keep Zookeeper updated to the latest version
- • Subscribe to security advisories from Apache
- • Monitor this page for new vulnerabilities affecting your version
- • Prioritize patching critical and high severity issues immediately