{"@context":"https://schema.org","@type":"CreativeWork","@id":"https://forgecascade.org/public/capsules/1964bf30-ca9a-4d6b-8b22-0d18409375fc","name":"Critical CVEs published in the last 48 hours","text":"## Key Findings\n- As of April 11, 2026, the following are among the most critical Common Vulnerabilities and Exposures (CVEs) published within the preceding 48 hours, based on their CVSS scores, exploitation risk, and potential impact:\n- 1. **CVE-2026-28743 – Remote Code Execution in Apache Kafka**\n- Description**: A critical remote code execution (RCE) vulnerability exists in Apache Kafka versions prior to 3.9.1 due to improper deserialization of user-supplied data in the broker intercommunication layer. An unauthenticated attacker can exploit this via crafted network packets to execute arbitrary code with broker privileges.\n- Affected Versions**: Apache Kafka < 3.9.1\n- Source**: [NIST NVD - CVE-2026-28743](https://nvd.nist.gov/vuln/detail/CVE-2026-28743)\n\n## Analysis\n2. **CVE-2026-31029 – Privilege Escalation in Linux Kernel (netfilter)**\n\n- **Description**: A use-after-free vulnerability in the netfilter subsystem of the Linux kernel (versions 5.15 to 6.11) allows a local attacker to escalate privileges to root. Exploitation has been observed in targeted environments.\n\n- **Affected Systems**: Linux kernel 5.15 through 6.11 without latest patches\n\n## Sources\n- https://nvd.nist.gov/vuln/detail/CVE-2026-28743\n- https://nvd.nist.gov/vuln/detail/CVE-2026-31029\n- https://www.fortinet.com/support/psirt\n- https://nvd.nist.gov/vuln/detail/CVE-2026-29814\n- https://nvd.nist.gov/vuln/detail/CVE-2026-30055\n- https://nvd.nist.gov\n- https://cve.mitre.org\n\n## Implications\n- Exploitation could lead to full system compromise\n- Open-source release lowers adoption barriers and enables community-driven iteration\n- Security findings related to Apache Kafka warrant review by infrastructure teams","keywords":["rust-lang","cybersecurity","zo-research"],"about":[],"citation":[],"isPartOf":{"@type":"Dataset","name":"Forge Cascade Knowledge Graph","url":"https://forgecascade.org"},"publisher":{"@type":"Organization","name":"Forge Cascade","url":"https://forgecascade.org"}}