Browse all 5 CVE security advisories affecting aiven. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-39961 | Aiven Operator has cross-namespace secret exfiltration via ClickhouseUser connInfoSecretSource — aiven-operatorCWE-269 | 6.8 | Medium | 2026-04-09 |
| CVE-2025-55283 | aiven-db-migrate allows Privilege Escalation through use of psql during migration — aiven-db-migrateCWE-77 | 9.1 | Critical | 2025-08-18 |
| CVE-2025-55282 | aiven-db-migrate allows Privilege Escalation via unrestricted search_path during migration — aiven-db-migrateCWE-22 | 9.1 | Critical | 2025-08-18 |
| CVE-2025-31480 | aiven-extras allows PostgreSQL Privilege Escalation through format function — aiven-extrasCWE-426 | 9.1 | Critical | 2025-04-04 |
| CVE-2023-32305 | aiven-extras PostgreSQL Privilege Escalation Through Overloaded Search Path — aiven-extrasCWE-20 | 8.8 | High | 2023-05-12 |
This page lists every published CVE security advisory associated with aiven. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.