Security Advisory

CVE-2025-12548

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-13 15:35:01

Last updated 2026-01-21 22:19:04

Assigner redhat

State PUBLISHED

Description

A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration (SSH keys, tokens, etc.) from other users Developer Workspace containers, via an unauthenticated JSON-RPC / websocket API exposed on TCP port 3333.

← Browse all CVEs View on cve.org ↗