CVE-2026-24281 | Apache ZooKeeper up to 3.8.5/3.9.4 ZKTrustManager certificate host validation

A vulnerability identified as critical has been detected in Apache ZooKeeper up to 3.8.5/3.9.4. This issue affects some unknown processing of the component ZKTrustManager. Performing a manipulation results in certificate with host mismatch.

This vulnerability is reported as CVE-2026-24281. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More