EUVD-2025-28660

Malicious code in bioql PyPI...

CVE-2025-58061

OpenEBS Local PV RawFile allows dynamic deployment of Stateful Persistent Node-Local Volumes & Filesystems for Kubernetes. Prior to version 0.10.0, persistent volume data is world readable and that would allow non-privileged users to access sensitive data such as databases of k8s workload. The...

CVE-2025-58061 OpenEBS Local PV RawFile persistent volume data is world readable

OpenEBS Local PV RawFile allows dynamic deployment of Stateful Persistent Node-Local Volumes & Filesystems for Kubernetes. Prior to version 0.10.0, persistent volume data is world readable and that would allow non-privileged users to access sensitive data such as databases of k8s workload. The...

CVE-2025-58061

OpenEBS Local PV RawFile before v0.10.0 stores persistent volume data under /var/csi/rawfile/ with world-readable permissions, enabling non-privileged users to access potentially sensitive data such as databases in Kubernetes workloads. The issue is fixed in v0.10.0. Affected product: OpenEBS Loc...

World Readable Data

tripleo-heat-templates contains a world readable data vulnerability. The library does not set the proper permissions during the creation of the ceph.client.openstack.keyring, allowing a local user to access the keyring to read or modify data. This vulnerability only affects setups with openstack...