All 2 CVE vulnerabilities found in Apache Storm Client, with AI-generated Chinese analysis, references, and POCs.
Vendor: Apache Software Foundation
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-41081 | Apache Storm Client: Anonymous principal assigned on TLS client certificate verification failure CWE-287 | - | - | 2026-04-27 |
| CVE-2026-35337 | Apache Storm Client: RCE through Unsafe Deserialization via Kerberos TGT Credential Handling CWE-502 | 8.8 | - | 2026-04-13 |
All 2 known CVE vulnerabilities affecting Apache Storm Client with full Chinese analysis, references, and POCs where available.