Impacted versions:
- Confluent Cloud: Kafka Connect managed connectors using the JSON Schema format
- Confluent Platform: The vulnerability impacts Kafka Connect, KSQL, and REST Proxy (v2 consumer API) in all supported versions of Confluent Platform
Recommended action:
- Confluent Cloud: No action is necessary since Confluent has patched all impacted managed clusters
- Confluent Platform: Upgrade to one of the patched release versions 8.2.1, 8.1.3, 8.0.5, 7.9.7, 7.8.8, 7.7.9, 7.6.11, 7.5.14, or 7.4.15, and explicitly configure the json.type.allowed.packages property.
Issue:
A security vulnerability has been identified in the Kafka JSON Schema deserializer. The JSON Schema specification supports a javaType property that controls which Java class is instantiated during deserialization. When processing a JSON Schema, the deserializer uses the javaType field defined in the registered schema to instantiate the corresponding Java classes.
A user with privileges to register a schema could therefore instantiate arbitrary classes in the Java runtime where the insecure deserialization happens, provided the class is available on the classpath. The impact of this vulnerability depends on the classes available on the classpath (to be used as exploit gadgets). Confluent did not find any exploitable gadgets in the default Java runtime environment created by Confluent Platform services.
Remediation:
The fix introduces a new configuration json.type.allowed.packages. The default value for this property is * (allow all) to preserve backwards compatibility, which does not provide protection by default. Customers must explicitly set this property on all affected components as described below:
Confluent Cloud:
No customer action is required. Managed Connect environments have already been secured by upgrading to the patched version of the serializer and enforcing the json.type.allowed.packages="" configuration.
Confluent Platform:
This issue is resolved in Confluent Platform patch release versions 8.2.1, 8.1.3, 8.0.5, 7.9.7, 7.8.8, 7.7.9, 7.6.11, 7.5.14, and 7.4.15. Customers only need to add the following configuration in connectors using io.confluent.connect.json.JsonSchemaConverter or custom code using the vulnerable Kafka JSON Schema deserializer. See this for more information on JSON Schema usage on Confluent Platform.
Setting json.type.allowed.packages="" (an empty string) disables javaType resolution entirely. To allow specific packages, provide a comma-separated allowlist (e.g. json.type.allowed.packages = com.mycompany.classes).
- Please refer to the following configuration guide for more details: https://support.confluent.io/hc/en-us/articles/49196711889300-Security-configuration-guide-related-to-CONFSA-2026-06
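The following is an added audit helper, not Confluent's code, that classifies a connector's json.type.allowed.packages setting the way the advisory describes it: absent or "*" is the allow-all default, "" disables javaType resolution, anything else is a package allowlist. It assumes (my assumption, not stated on this page) that connector configs are flat key/value maps and that converter options carry the usual key.converter. / value.converter. prefix; the sample configs are constructed.

```python
# Added example (not Confluent's code): audit Kafka Connect connector configs for the
# json.type.allowed.packages setting described in CONFSA-2026-06.
# Assumptions (mine, not from the advisory): connector configs are flat key/value
# maps and converter options use the "key.converter." / "value.converter." prefixes.

JSON_SCHEMA_CONVERTER = "io.confluent.connect.json.JsonSchemaConverter"
PROP = "json.type.allowed.packages"

def classify_allowlist(value):
    """Map a json.type.allowed.packages value to a state, following the advisory:
    unset or "*" keeps the allow-all default, "" disables javaType resolution,
    anything else is a comma-separated package allowlist."""
    if value is None or value.strip() == "*":
        return "allow-all"
    if value.strip() == "":
        return "disabled"
    return "allowlist"

def audit_connector(name, config):
    """Return one finding per converter slot that uses JsonSchemaConverter."""
    findings = []
    for slot in ("key.converter", "value.converter"):
        if config.get(slot) != JSON_SCHEMA_CONVERTER:
            continue  # other converters do not honour javaType
        state = classify_allowlist(config.get(f"{slot}.{PROP}"))
        findings.append({"connector": name, "slot": slot, "state": state,
                         "needs_action": state == "allow-all"})
    return findings

# Constructed sample connector configs (not real deployments).
SAMPLE_CONNECTORS = {
    "orders-sink-unpatched": {
        "value.converter": JSON_SCHEMA_CONVERTER,
        # property absent -> default "*" -> javaType still honoured
    },
    "orders-sink-hardened": {
        "value.converter": JSON_SCHEMA_CONVERTER,
        "value.converter.json.type.allowed.packages": "",
    },
    "events-source-allowlisted": {
        "key.converter": JSON_SCHEMA_CONVERTER,
        "key.converter.json.type.allowed.packages": "com.mycompany.classes",
        "value.converter": "org.apache.kafka.connect.json.JsonConverter",
    },
}

def audit_all(connectors=SAMPLE_CONNECTORS):
    """Flatten findings across all connectors, in config order."""
    return [f for name, cfg in connectors.items() for f in audit_connector(name, cfg)]

if __name__ == "__main__":
    for finding in audit_all():
        print(finding)
```

Only connectors flagged needs_action still run with the allow-all default and need the property set explicitly.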
CVSS Scores:
Confluent Cloud:
- CVSS: 6.3 (CVSS v3.1 Calculator)
Confluent Platform:
- CVSS: 5.4 (CVSS v3.1 Calculator)