CVE-2025-41240

🗓️ 24 Jul 2025 06:42:25Reported by vmwareType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 26 Views

Kubernetes Secrets are mounted in predictable paths, risking unauthorized access to sensitive credentials.

Reporter	Title	Published	Views	Family All 12
ATTACKERKB	CVE-2025-41240	24 Jul 202506:42	–	attackerkb
Circl	CVE-2025-41240	29 Jul 202503:42	–	circl
CNNVD	Rucio Helm Charts 安全漏洞	24 Jul 202500:00	–	cnnvd
Cvelist	CVE-2025-41240 Mounted Kubernetes Secrets under a predictable path located within the web server document root	24 Jul 202506:42	–	cvelist
EUVD	EUVD-2025-22486	3 Oct 202520:07	–	euvd
NVD	CVE-2025-41240	24 Jul 202507:15	–	nvd
OSV	BIT-APPSMITH-2025-41240	23 Jul 202514:00	–	osv
OSV	BIT-DRUPAL-2025-41240	23 Jul 202514:00	–	osv
OSV	BIT-WORDPRESS-2025-41240	23 Jul 202514:00	–	osv
Positive Technologies	PT-2025-30604 · Bitnami · Appsmith +2	23 Jul 202500:00	–	ptsecurity

[
  {
    "defaultStatus": "unaffected",
    "packageName": "bitnamicharts/appsmith",
    "product": "bitnamicharts/appsmith",
    "vendor": "VMware",
    "versions": [
      {
        "lessThanOrEqual": "22.0.4",
        "status": "affected",
        "version": "21.2.0",
        "versionType": "Helm"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "bitnamicharts/drupal",
    "product": "bitnamicharts/drupal",
    "vendor": "VMware",
    "versions": [
      {
        "lessThan": "6.0.19",
        "status": "affected",
        "version": "5.2.0",
        "versionType": "Helm"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "packageName": "bitnamicharts/wordpress",
    "product": "bitnamicharts/wordpress",
    "vendor": "VMware",
    "versions": [
      {
        "lessThan": "25.0.4",
        "status": "affected",
        "version": "24.2.0",
        "versionType": "Helm"
      }
    ]
  }
]

Source	Link
github	www.github.com/bitnami/charts/security/advisories/GHSA-wgg9-9qgw-529w

17 Jun 2026 09:22Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.110

EPSS0.00667

SSVC

CWE-552