Security Advisory

CVE-2025-6193

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-20 15:54:13

Last updated 2026-03-25 12:45:04

Assigner redhat

State PUBLISHED

Description

A command injection vulnerability was discovered in the TrustyAI Explainability toolkit. Arbitrary commands placed in certain fields of a LMEValJob custom resource (CR) may be executed in the LMEvalJob pods terminal. This issue can be exploited via a maliciously crafted LMEvalJob by a user with permissions to deploy a CR.

← Browse all CVEs View on cve.org ↗