CVE-2025-12805

Published: Mar 26, 2026Modified: Apr 30, 2026

8.1

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Exploitability: 2.8 / Impact: 5.2

Source: secalert@redhat.com

Description

A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other namespaces via direct network requests, because no NetworkPolicy restricts access to the llama-stack service endpoint. As a result, a user in one namespace can access another user’s Llama Stack instance and potentially view or manipulate sensitive data.

Affected (1)

Products: Redhat: Openshift Ai

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Openshift Ai	Version 2.25

Related CWEs

Improper Isolation or Compartmentalization

The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.

References (4)

https://access.redhat.com/errata/RHSA-2026:2106

Source: secalert@redhat.com

Vendor Advisory

https://access.redhat.com/errata/RHSA-2026:2695

Source: secalert@redhat.com

Vendor Advisory

https://access.redhat.com/security/cve/CVE-2025-12805

Source: secalert@redhat.com

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2413101

Source: secalert@redhat.com

ExploitIssue TrackingVendor Advisory

Timeline

No history available yet.