Kubevirt.io/kubevirt
This hub aggregates every CVE we track for Kubevirt.io/kubevirt, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
14
CVEs tracked
1
Critical
3
High
0
In CISA KEV
Severity distribution
MEDIUM10HIGH3CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
7
0
1
0
0
0
0
0
2024-072026-06
Latest CVEs
The 14 most recently published vulnerabilities affecting Kubevirt.io/kubevirt.
- CVE-2025-14525Kubevirt: kubevirt: vm administration denial of service via guest agent6.4
- CVE-2025-64324KubeVirt Vulnerable to Arbitrary Host File Read and Write7.7
- CVE-2025-64433KubeVirt Arbitrary Container File Read6.5
- CVE-2025-64437KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes5.0
- CVE-2025-64436KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes5.3
- CVE-2025-64435KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation5.3
- CVE-2025-64434KubeVirt Improper TLS Certificate Management Handling Allows API Identity Spoofing4.7
- CVE-2025-64432KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer4.7
- CVE-2024-33394An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component.5.9
- CVE-2024-31420Cnv: dos through repeatedly calling vm-dump-metrics until virt handler crashes6.5
- CVE-2023-26484On a compromised KubeVirt node, the virt-handler service account can be used to modify all node specs8.2
- CVE-2022-1798Path Traversal vulnerability in Kubevirt8.7
- CVE-2020-1701A flaw was found in the KubeVirt main virt-handler versions before 0.26.0 regarding the access permissions of virt-handler. An attacker with access to create VMs could attach any secret within thei...6.5
- CVE-2020-14316A flaw was found in kubevirt 0.29 and earlier. Virtual Machine Instances (VMIs) can be used to gain access to the host's filesystem. Successful exploitation allows an attacker to assume the privile...9.9
Product normalization is registry-driven with AI assist and human review. How it works