CVE-2026-10143 | Dana Powers kafka-python up to 2.3.1 scram.py ScramClient.process_server_first_message resource consumption
A vulnerability classified as problematic has been identified in Dana Powers kafka-python up to 2.3.1. It affects the function ScramClient.process_server_first_message in the file scram.py. Manipulation can lead to resource consumption.
This vulnerability is tracked as CVE-2026-10143. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is recommended.