Root has patched CVE-2026-33558 in the io.root.org.apache.kafka:kafka-clients package for Root:Maven. Multiple fixed versions available.
{
"distro_version": "",
"distro": "maven",
"severity": "MEDIUM",
"source": "Root"
}"root.io.4"
"3.8.1"
10.0
true
[
"3.8.1-root.io.1",
"3.9.1-root.io.3",
"3.8.1-root.io.2",
"3.6.0-root.io.2",
"3.6.0-root.io.3",
"3.8.1-root.io.3",
"3.9.1-root.io.4",
"3.0.0-root.io.1",
"3.7.1-root.io.3",
"3.8.1-root.io.4"
]
"https://api.root.io/external/osv/ROOT-APP-MAVEN-CVE-2026-33558.json"
""
"https://api.root.io/external/osv/ROOT-APP-MAVEN-CVE-2026-33558.json"
6.0
true
[
"3.6.0-aikido.3",
"3.8.1-aikido.3",
"3.9.1-aikido.4",
"3.0.0-aikido.1",
"3.7.1-aikido.3",
"3.8.1-aikido.4"
]
"3.8.1-aikido.4"