CVE-2025-13193

🗓️ 17 Nov 2025 17:03:48Reported by redhatType

Libvirt flaw leaks guest data via world readable external snapshots of shut down virtual machines.

Reporter	Title	Published	Views	Family All 68
ATTACKERKB	CVE-2025-13193	17 Nov 202517:03	–	attackerkb
AlpineLinux	CVE-2025-13193	17 Nov 202517:03	–	alpinelinux
AstraLinux	Astra Linux – Vulnerability in libvirt	19 Jun 202611:10	–	astralinux
FreeBSD	libvirt -- Multiple vulnerabilities	11 Nov 202500:00	–	freebsd
CBLMariner	CVE-2025-13193 affecting package libvirt for versions less than 10.0.0-6	15 Dec 202516:03	–	cbl_mariner
Circl	CVE-2025-13193	2 Jan 202619:59	–	circl
CNNVD	libvirt 安全漏洞	17 Nov 202500:00	–	cnnvd
Cvelist	CVE-2025-13193 Libvirt: information disclosure via world-readable vm snapshots	17 Nov 202517:03	–	cvelist
Debian CVE	CVE-2025-13193	17 Nov 202517:03	–	debiancve
Tenable Nessus	EulerOS Virtualization 2.12.1 : libvirt (EulerOS-SA-2026-1470)	17 Mar 202600:00	–	nessus

[
  {
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "11.10.0",
        "versionType": "semver"
      }
    ],
    "packageName": "libvirt",
    "collectionURL": "https://gitlab.com/libvirt/libvirt",
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libvirt",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libvirt",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libvirt",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "virt:rhel/libvirt",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libvirt",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  }
]

Source	Link
access	www.access.redhat.com/security/cve/CVE-2025-13193
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

30 Jun 2026 00:16Current

5.6Medium risk

Vulners AI Score5.6

CVSS 3.15.5

EPSS0.00104

SSVC

CWE-276