CVE-2025-61688

Published: Oct 13, 2025Modified: Dec 4, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, Omni might leak sensitive information via an API.

Products: Siderolabs: Omni

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Siderolabs Omni	Before 1.0.2
Siderolabs Omni	From 1.1.0 to 1.1.5

Source: security-advisories@github.com

Vendor Advisory

No history available yet.