CVE-2025-10725
- EPSS 0.07%
- Published 30.09.2025 18:15:47
- Last modified 02.10.2025 19:12:17
A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authenticated account, for example as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster administrator. Thi...
CVE-2025-57852
- EPSS 0.01%
- Published 30.09.2025 15:15:53
- Last modified 02.10.2025 19:12:17
A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute comma...
CVE-2025-6193
- EPSS 0.18%
- Published 20.06.2025 15:54:13
- Last modified 02.09.2025 19:15:32
A command injection vulnerability was discovered in the TrustyAI Explainability toolkit. Arbitrary commands placed in certain fields of a LMEValJob custom resource (CR) may be executed in the LMEvalJob pod's terminal. This issue can be exploited via ...
CVE-2024-7557
- EPSS 0.07%
- Published 12.08.2024 13:38:43
- Last modified 18.09.2024 07:15:04
A vulnerability was found in OpenShift AI that allows for authentication bypass and privilege escalation across models within the same namespace. When deploying AI models, the UI provides the option to protect models with authentication. However, cre...