21/08/2025

ZDI-25-855: (0Day) Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability

This vulnerability could allow remote attackers to bypass authentication on systems that use the affected version of the Cockroach Labs cockroach-k8s-request-cert container image. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2025-9276.

Comments are closed.

You may also like

ZDI-25-1062: Fuji Electric Monitouch V-SFT V7 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-25-832: Delta Electronics DIAView Directory Traversal Remote Code Execution Vulnerability