KrakenD Circuit Breaker Component Improper Resource Shutdown Vulnerability

Vulnerability

A vulnerability has been identified in the Circuit Breaker modules of KrakenD Community Edition (CE) versions prior to 2.13.1 and KrakenD Enterprise Edition (EE) versions prior to 2.12.5. This vulnerability involves improper resource shutdown or release, which could lead to uncontrolled context cancellations. Such a flaw can cascade through a system under load, causing unexpected request failures and degraded service availability.

Impact

Exploitation of this vulnerability could result in uncontrolled context cancellations, leading to request failures and degraded service availability, especially under load.

Remediation

Users are advised to upgrade to KrakenD CE version 2.13.1 or KrakenD EE version 2.12.5, both of which include the necessary patch for this vulnerability.
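
The version boundaries above can be checked against a gateway inventory. The following is an added example, not part of the original advisory or of KrakenD's tooling; the "host edition version" line format, the host names, and the conservative treatment of pre-release tags are assumptions.

```python
import re

# First fixed release per edition, as stated in the advisory.
FIXED = {"CE": (2, 13, 1), "EE": (2, 12, 5)}

# MAJOR.MINOR.PATCH with optional "v" prefix, pre-release tag and build metadata.
_VERSION = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$")


def classify(edition, version):
    """Return 'affected', 'patched' or 'unknown' for one gateway."""
    fixed = FIXED.get(edition.upper())
    match = _VERSION.match(version.strip())
    if fixed is None or match is None:
        return "unknown"  # fail safe: flag for manual review
    core = tuple(int(part) for part in match.groups()[:3])
    prerelease = match.group(4)
    # Assumption: a pre-release of the fixed version (e.g. 2.13.1-rc1) is
    # treated as affected, because it sorts before the final release.
    if core < fixed or (core == fixed and prerelease is not None):
        return "affected"
    return "patched"


def audit(inventory_text):
    """Parse 'host edition version' lines and return {host: status}."""
    results = {}
    for line in inventory_text.splitlines():
        line = line.split("#", 1)[0].strip()  # allow trailing comments
        if not line:
            continue
        host, *rest = line.split()
        results[host] = classify(*rest) if len(rest) == 2 else "unknown"
    return results


# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE_INVENTORY = """
gw-01 CE 2.13.0
gw-02 CE v2.13.1
gw-03 EE 2.12.4
gw-04 EE 2.12.5
gw-05 CE 2.13.1-rc1
gw-06 CE dev-build
"""

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as "unknown" have an unrecognised edition or version string and need manual review rather than being assumed patched.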

Added: Feb 25, 2026, 7:57 PM
Updated: Feb 25, 2026, 7:57 PM

Vulnerability Rating

Custom Algorithm

spread: 1.4
impact: 2.5
exploitability: 6.6
remediation: 7.7
relevance: 3.2
threat: 0.0
urgency: 0.0
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.