21/08/2025

ZDI-25-855: (0Day) Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability

This vulnerability could allow remote attackers to bypass authentication on systems that use the affected version of the Cockroach Labs cockroach-k8s-request-cert container image. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2025-9276.

Comments are closed.

You may also like

ZDI-25-393: Siemens TeleControl Server Basic UpdateBufferingSettings SQL Injection Information Disclosure Vulnerability

ZDI-25-370: Trend Micro Endpoint Encryption PolicyServerWindowsService Deserialization of Untrusted Data Remote Code Execution Vulnerability