Security Advisory

CVE-2025-14459

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-26 19:36:29

Last updated 2026-01-26 21:01:36

Assigner redhat

State PUBLISHED

Description

A flaw was found in KubeVirt Containerized Data Importer (CDI). This vulnerability allows a user to clone PersistentVolumeClaims (PVCs) from unauthorized namespaces, resulting in unauthorized access to data via the DataImportCron PVC source mechanism.

← Browse all CVEs View on cve.org ↗