RATATOSKRATATOSK
Sign in

Strimzi

0.51.0Networking & Messaging
Mar 6, 2026

Strimzi 0.51.0 addresses critical CVEs and drops support for Kubernetes versions below 1.30, while adding Kafka 4.2.0 support and moving ServerSideApplyPhase1 to beta.

  • securityUpgrade immediately for CVE fixes

    Two critical CVEs affect Strimzi 0.47.0 and newer versions. Review the security advisories to determine if your deployment is affected, then upgrade to 0.50.1 or 0.51.0 immediately. The CVE numbers appear to be from 2026, which suggests these may be embargoed vulnerabilities with delayed disclosure.

  • breakingVerify Kubernetes compatibility before upgrading

    Strimzi 0.51.0 requires Kubernetes 1.30+. Check your cluster version before upgrading. If running Kubernetes 1.27-1.29, upgrade your cluster first or remain on an earlier Strimzi version until cluster upgrade is possible.

  • breakingUpdate CRDs and KafkaUser resources during upgrade

    Manually upgrade CRDs as part of the Strimzi upgrade process, especially when using Helm. For clusters upgrading from 0.48 or older, update KafkaUser resources to use the new `.spec.authorization.acls[]operations` field format before upgrading.

Key changes (5)

  • Critical security fixes for CVE-2026-27133 and CVE-2026-27134 requiring immediate upgrade from versions 0.47.0+
  • Kubernetes 1.30+ now required - versions 1.27, 1.28, and 1.29 no longer supported
  • Added Kafka 4.2.0 support while removing Kafka 4.0.0 and 4.0.1 compatibility
  • Per-listener Kafka configuration options now available for connection limits and reauthentication settings
  • Ingress listener type deprecated due to upstream project archival in March 2026