CVE-2025-14459

Publication date

2026-01-26 19:36:29

Family

redhat

State

PUBLISHED

Description

A flaw was found in KubeVirt Containerized Data Importer (CDI). This vulnerability allows a user to clone PersistentVolumeClaims (PVCs) from unauthorized namespaces, resulting in unauthorized access to data via the DataImportCron PVC source mechanism.