REST Proxy: schema-to-subject validation can be bypassed with name_strategy_validation=true #1260

@e11it

Description

When producing Avro messages through Karapace REST Proxy with name_strategy_validation=true, schema-to-subject validation can be bypassed in a real user flow.
If I first produce to topic A using a schema (so the proxy has already resolved that schema), then produce to topic B with the same schema, the second produce can succeed even though topic B has no corresponding subject in Schema Registry and should be rejected.
Expected behavior: with name_strategy_validation=true, producing to topic B should fail unless the schema is registered under topic B’s subject.
Actual behavior: after a prior successful produce on another topic, producing to topic B may still succeed, which looks like a cache-related validation gap.

Example

Schema Registry ACL: the REST user can register subjects only for topic.v1.
The request body is the same in all three cases:

{
  "key_schema": "\"string\"",
  "value_schema": "...",
  "records": [...]
}

1. POST http://localhost:8082/topics/topic.v2 -> Error
{
  "error_code": 40801,
  "message": "Error when registering schema.format = AVRO, subject = topic.v2-value"
}

2. POST http://localhost:8082/topics/topic.v1 -> Success
{
  "key_schema_id": 1,
  "offsets": [
    {
      "offset": 5,
      "partition": 0
    }
  ],
  "value_schema_id": 2
}

3. POST http://localhost:8082/topics/topic.v2 -> Unexpected success (should have failed)
{
  "key_schema_id": 1,
  "offsets": [
    {
      "offset": 3,
      "partition": 0
    }
  ],
  "value_schema_id": 2
}

Also:

curl -u admin:pass localhost:8081/subjects
["topic.v1-key","topic.v1-value"]

So no new subjects were registered.
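An added illustrative model, not Karapace's code, of how a schema-resolution cache keyed only on the schema text would reproduce the three-step sequence above, and how including the subject in the cache key restores the per-topic check. The registry contents, class names and `registry_lookup` helper are constructed for this example.

```python
# Illustrative model of the gap described in the issue; NOT Karapace code.
# Registry stand-in (constructed): subject -> {schema text: schema id}.
REGISTRY = {"topic.v1-value": {'"string"': 2}}

def registry_lookup(subject, schema):
    """Return the id of `schema` under `subject`, or None if not registered."""
    return REGISTRY.get(subject, {}).get(schema)

class ProxyCachedBySchema:
    """Models the reported behaviour: resolved ids are cached by schema text
    only, so a cache hit skips the subject check for a different topic."""
    def __init__(self):
        self.cache = {}

    def cache_key(self, subject, schema):
        return schema                       # subject is not part of the key

    def produce(self, topic, schema):
        subject = f"{topic}-value"          # TopicNameStrategy value subject
        key = self.cache_key(subject, schema)
        if key in self.cache:
            return self.cache[key]          # validation skipped on a hit
        schema_id = registry_lookup(subject, schema)
        if schema_id is None:
            raise PermissionError(f"schema not registered under {subject}")
        self.cache[key] = schema_id
        return schema_id

class ProxyCachedBySubject(ProxyCachedBySchema):
    """Fix: the cache key includes the subject, so every topic is validated
    against its own subject before a cached id is reused."""
    def cache_key(self, subject, schema):
        return (subject, schema)

def run_sequence(proxy_cls, topics=("topic.v2", "topic.v1", "topic.v2")):
    """Replay the issue's three produce calls; return 'rejected' or the id."""
    proxy = proxy_cls()
    out = []
    for topic in topics:
        try:
            out.append(proxy.produce(topic, '"string"'))
        except PermissionError:
            out.append("rejected")
    return out

if __name__ == "__main__":
    print(run_sequence(ProxyCachedBySchema))   # ['rejected', 2, 2]
    print(run_sequence(ProxyCachedBySubject))  # ['rejected', 2, 'rejected']
```

The first run mirrors the observed results (the third call succeeds after the second one populated the cache); the second run shows the expected rejection once the subject is part of the key.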
