CLEANSTART-2026-AV84730

Security fixes for CVE-2026-1605, CVE-2026-22732, CVE-2026-24281, CVE-2026-33870, CVE-2026-33871, CVE-2026-3505, CVE-2026-5588, ghsa-355h-qmc2-wpwf, ghsa-3677-xxcr-wjqv, ghsa-72hv-8253-57qq, ghsa-c3fc-8qff-9hwx, ghsa-cj8j-37rh-8475, ghsa-cvc6-q2cp-2xhw, ghsa-qqpg-mvqg-649v, ghsa-vxf7-qj7q-83fh, ghsa-wg6q-6289-32hp, ghsa-x2wq-9x2f-fhj7, ghsa-x44p-gvrj-pj2r applied in versions: 2.7.2-r0, 2.7.2-r2, 2.9.0-r0, 2.9.0-r1

Details

Multiple security vulnerabilities affect the apache-nifi package. These issues are resolved in later releases. See references for individual vulnerability details.

References

Affected packages

CleanStart / apache-nifi

Package

Name: apache-nifi

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9.0-r1

Database specific

source

"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-AV84730.json"