Security Advisories and Security Release Notes

Security Release Notes for CPC Gateway

Security Release Notes for USM agent

Security Release Notes for CFK 3.2.3

Security Release Notes for CFK 3.1.3

Security Release Notes for CFK 3.0.5

Security Release Notes for CFK 2.11.6

Security Release Notes for CFK 2.10.6

Security Release Notes for CFK 2.9.10

CONFSA-2026-12: Confluent Platform And Confluent Cloud: Denial Of Service Via Improper Handling Of Telemetry Data

CONFSA-2026-11: Confluent Platform and Confluent Cloud: Denial of Service Via Unbounded Request Body In Confluent Schema Registry

CONFSA-2026-10: CVE-2026-24281: Confluent Platform: Impersonation Of ZooKeeper Servers Or Clients Via Reverse DNS Spoofing

CONFSA-2026-09: CVE-2026-24308: Confluent Platform: Information Disclosure Via Improper Handling Of Configuration Values

Security Release Notes for Control Center Next Generation

Security Release Notes for CP 8.2.2

Security Release Notes for CP 8.1.4

Security Release Notes for CP 8.0.6

Security Release Notes for CP 7.9.8

Security Release Notes for CP 7.8.9

Security Release Notes for CP 7.7.10

Security Release Notes for CP 7.6.12

Security Release Notes for CP 7.5.15

CONFSA-2026-08: CVE-2026-35194: Confluent Cloud and Confluent Platform Vulnerability: Authenticated Remote Code Execution (RCE) via Flink SQL queries

CONFSA-2026-07: CVE-2026-33558: Confluent Platform - DEBUG level logging could result in sensitive information exposure

Security Release Notes for CP 8.2.1 (Out of band Critical Patch Release)

Security Release Notes for CP 8.1.3 (Out of band Critical Patch Release)

Security Release Notes for CP 8.0.5 (Out of band Critical Patch Release)

Security Release Notes for CP 7.9.7 (Out of band Critical Patch Release)

Security Release Notes for CP 7.8.8 (Out of band Critical Patch Release)

Security Release Notes for CP 7.7.9 (Out of band Critical Patch Release)

Security Release Notes for CP 7.6.11 (Out of band Critical Patch Release)