Mallory

OpenShift GitOps Privilege Escalation Vulnerability (CVE-2025-13888) Enables Cluster Takeover

Tags: cloud-service-vulnerability, widely-deployed-product-advisory, initial-access-method, lateral-movement-method
Updated March 21, 2026 at 03:07 PM (2 sources)

A critical vulnerability, CVE-2025-13888, has been identified in OpenShift GitOps that allows a namespace administrator to escalate privileges and potentially take over the entire Kubernetes cluster. An authenticated user who can create ArgoCD custom resources (CRs) in a namespace they administer can craft a CR that causes the operator to grant that ArgoCD instance elevated permissions in other namespaces, including privileged ones. With those permissions the attacker can deploy privileged workloads onto master (control-plane) nodes, which amounts to root on the control plane and therefore control of the whole cluster.

Security advisories describe the flaw as remotely exploitable and a significant risk to organizations running OpenShift GitOps. Red Hat disclosed the issue and rated it critical with a CVSS score of 9.1, classifying the weakness as CWE-266 (Incorrect Privilege Assignment); the specific affected product versions are not detailed in the reporting summarized here. Organizations should review their OpenShift GitOps deployments, including which principals are allowed to create ArgoCD CRs, and apply the mitigations or updates Red Hat recommends before the flaw is exploited.
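The advisory names two observable effects: an ArgoCD service account ending up with rights outside its own namespace, and privileged workloads landing on master nodes. The script below is an added audit example written for this page, not code from Red Hat or the OpenShift GitOps project, that looks for both. It assumes input in the shape of `oc get rolebindings,clusterrolebindings -A -o json`, `oc get pods -A -o json` and `oc get nodes -o json`; the sample documents are constructed, and the trusted-namespace patterns, high-privilege role list and control-plane node labels are assumptions to tune for your cluster.

```python
import fnmatch
import json

# Assumption: roles that amount to full control of a namespace or the cluster.
HIGH_PRIVILEGE_ROLES = {"cluster-admin", "admin", "edit"}
# Assumption: platform namespaces whose service accounts are expected to hold
# cross-namespace or cluster-wide bindings and to run privileged pods.
TRUSTED_NAMESPACES = ("kube-system", "openshift-*")
# Assumption: node labels that mark control-plane (master) nodes.
CONTROL_PLANE_LABELS = ("node-role.kubernetes.io/master", "node-role.kubernetes.io/control-plane")

def trusted(ns):
    return any(fnmatch.fnmatchcase(ns, pat) for pat in TRUSTED_NAMESPACES)

# Constructed sample in the shape of `oc get rolebindings,clusterrolebindings -A -o json`.
SAMPLE_BINDINGS = json.dumps({"items": [
    # Normal: an ArgoCD component bound inside its own namespace.
    {"kind": "RoleBinding",
     "metadata": {"name": "argocd-server", "namespace": "team-a-gitops"},
     "roleRef": {"kind": "Role", "name": "argocd-server"},
     "subjects": [{"kind": "ServiceAccount", "name": "argocd-server", "namespace": "team-a-gitops"}]},
    # Suspicious: team A's application controller granted admin in team B's namespace.
    {"kind": "RoleBinding",
     "metadata": {"name": "argocd-application-controller", "namespace": "team-b"},
     "roleRef": {"kind": "ClusterRole", "name": "admin"},
     "subjects": [{"kind": "ServiceAccount", "name": "argocd-application-controller", "namespace": "team-a-gitops"}]},
    # Suspicious: the same service account bound cluster-wide to cluster-admin.
    {"kind": "ClusterRoleBinding",
     "metadata": {"name": "argocd-application-controller-team-a"},
     "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "ServiceAccount", "name": "argocd-application-controller", "namespace": "team-a-gitops"}]},
    # Expected: the platform operator itself, in a trusted namespace.
    {"kind": "ClusterRoleBinding",
     "metadata": {"name": "openshift-gitops-operator"},
     "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "ServiceAccount", "name": "gitops-operator-controller-manager", "namespace": "openshift-gitops-operator"}]},
    # Benign: a human user, not a service account.
    {"kind": "RoleBinding",
     "metadata": {"name": "dev-edit", "namespace": "team-b"},
     "roleRef": {"kind": "ClusterRole", "name": "edit"},
     "subjects": [{"kind": "User", "name": "alice"}]},
]})

def audit_bindings(bindings_json):
    """Flag service accounts granted rights outside their own namespace, and workload
    service accounts bound cluster-wide to a high-privilege role. Returns tuples of
    (binding, namespace, subject, role, reason)."""
    findings = []
    for item in json.loads(bindings_json)["items"]:
        meta, role = item["metadata"], item["roleRef"]["name"]
        for subj in item.get("subjects") or []:
            subj_ns = subj.get("namespace", "")
            if subj.get("kind") != "ServiceAccount" or trusted(subj_ns):
                continue
            sa = f"{subj_ns}/{subj['name']}"
            if item["kind"] == "RoleBinding" and subj_ns != meta["namespace"]:
                findings.append((meta["name"], meta["namespace"], sa, role, "cross-namespace grant"))
            elif item["kind"] == "ClusterRoleBinding" and role in HIGH_PRIVILEGE_ROLES:
                findings.append((meta["name"], "*", sa, role, "cluster-wide high-privilege grant"))
    return findings

# Constructed samples in the shape of `oc get nodes -o json` and `oc get pods -A -o json`.
SAMPLE_NODES = json.dumps({"items": [
    {"metadata": {"name": "master-0", "labels": {"node-role.kubernetes.io/master": ""}}},
    {"metadata": {"name": "worker-0", "labels": {"node-role.kubernetes.io/worker": ""}}},
]})
SAMPLE_PODS = json.dumps({"items": [
    {"metadata": {"name": "debug-shell", "namespace": "team-b"},
     "spec": {"nodeName": "master-0", "hostPID": True,
              "containers": [{"name": "sh", "securityContext": {"privileged": True}}]}},
    {"metadata": {"name": "web", "namespace": "team-b"},
     "spec": {"nodeName": "worker-0", "containers": [{"name": "web"}]}},
    {"metadata": {"name": "machine-config-daemon-abc", "namespace": "openshift-machine-config-operator"},
     "spec": {"nodeName": "master-0", "containers": [{"name": "mcd", "securityContext": {"privileged": True}}]}},
]})

def privileged_pods_on_control_plane(pods_json, nodes_json):
    """Return 'namespace/pod@node' for privileged or host-namespace pods from
    non-platform namespaces scheduled on control-plane nodes: the post-escalation foothold."""
    cp_nodes = {n["metadata"]["name"] for n in json.loads(nodes_json)["items"]
                if any(lbl in n["metadata"].get("labels", {}) for lbl in CONTROL_PLANE_LABELS)}
    hits = []
    for pod in json.loads(pods_json)["items"]:
        spec, meta = pod["spec"], pod["metadata"]
        if trusted(meta["namespace"]) or spec.get("nodeName") not in cp_nodes:
            continue
        risky = spec.get("hostPID") or spec.get("hostNetwork") or any(
            (c.get("securityContext") or {}).get("privileged") for c in spec.get("containers", []))
        if risky:
            hits.append(f"{meta['namespace']}/{meta['name']}@{spec['nodeName']}")
    return hits

if __name__ == "__main__":
    for f in audit_bindings(SAMPLE_BINDINGS):
        print("RBAC:", *f)
    for p in privileged_pods_on_control_plane(SAMPLE_PODS, SAMPLE_NODES):
        print("POD:", p)
```

Both checks are heuristics: a cross-namespace RoleBinding to an ArgoCD controller is normal in a hub-and-spoke GitOps design, so the point is to compare the output against the namespaces each ArgoCD instance is supposed to manage, and to treat any grant that appeared without a matching change in Git as a candidate for the escalation the advisory describes.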

Timeline

  1. Dec 16, 2025

    Public reporting highlights cluster takeover risk from CVE-2025-13888

    Subsequent public coverage described CVE-2025-13888 as a critical OpenShift GitOps flaw that could allow privilege escalation to root and full control of affected clusters. This reporting reiterated the severity and impact of the vulnerability rather than introducing a separate incident.

  2. Dec 15, 2025

    Red Hat confirms critical OpenShift GitOps privilege-escalation flaw

    Red Hat disclosed CVE-2025-13888, a critical OpenShift GitOps vulnerability involving ArgoCD custom resources that can let a namespace administrator gain elevated permissions across namespaces and ultimately take over the cluster. The issue was classified as CWE-266 and given a CVSS score of 9.1, with Red Hat recommending mitigations and updates.


Related Stories

Critical OpenShift and OpenSSH Flaws Expose Linux Systems to Root Access

Authorities warned that **Red Hat OpenShift Container Platform 4** contains two high-severity vulnerabilities that can lead to code execution and node takeover in enterprise container environments. `CVE-2024-45496` in `ose-openshift-controller-manager-container` carries a **CVSS 9.9** rating and can allow arbitrary code execution on an OpenShift node when a user with developer-level access exploits insufficient restrictions on elevated privileges. `CVE-2024-7387` in `openshift4/ose-docker-builder`, rated **CVSS 9.1**, can enable arbitrary command execution on an OpenShift node and may allow privilege escalation and full control of the affected node. At the time of the alert, mitigations were available but vendor patches had not yet been released. A separate alert highlighted the **regreSSHion** flaw in **OpenSSH**, which can give an attacker unrestricted root-level access on vulnerable Linux and FreeBSD-based systems. The issue affects OpenSSH versions from `8.5p1` up to but not including `9.8p1`, as well as versions earlier than `4.4p1`; OpenBSD-based systems were reported as not vulnerable. Successful exploitation has been confirmed on systems using **glibc**, while systems using **musl libc** were reported as not vulnerable, and the attack currently requires repeated attempts over hours or days. A fix is available in **OpenSSH `9.8p1`**, though some distributors have backported the patch, meaning package version numbers alone may not reliably indicate exposure.

1 week ago
Red Hat OpenShift AI flaws exposed cross-namespace Llama services and service account tokens

Red Hat disclosed two high-severity vulnerabilities in OpenShift AI that could let authenticated attackers access other tenants’ resources and sensitive Kubernetes credentials. **CVE-2025-12805** affects the `llama-stack-operator`, where a missing `NetworkPolicy` left the Llama Stack service endpoint reachable across namespaces. Red Hat said a user in one namespace could directly access another user’s Llama Stack instance and potentially view or manipulate sensitive data, with the issue tracked under **CWE-653** and rated `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N`. A second flaw, **CVE-2026-5483**, impacts the `odh-dashboard` component and can expose Kubernetes Service Account tokens through a Node.js endpoint. Red Hat warned that disclosure of those tokens could enable unauthorized access to Kubernetes resources; the issue is mapped to **CWE-201** and carries the vector `CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H`. Red Hat published CVE records, Bugzilla entries, and errata references for both vulnerabilities, highlighting risks to confidentiality and integrity in multi-tenant OpenShift AI deployments.

3 weeks ago
Multiple Critical Vulnerability Disclosures Across Gogs, Jinjava, and Kubernetes Local Path Provisioner

Several **high-severity vulnerability disclosures** were published across widely used developer and infrastructure components, with impacts ranging from **remote code execution (RCE)** to **account takeover** and **arbitrary host file writes**. In *Gogs* (self-hosted Git service), three CVEs were reported: **CVE-2025-64111** (CVSS 9.3) enables RCE by bypassing checks in `UpdateRepoFile` to modify `.git/config` via the API (described as an insufficient fix for an earlier issue); **CVE-2025-64175** (CVSS 7.7) allows a **cross-account 2FA recovery-code bypass** in versions `0.13.3` and earlier if an attacker already has a victim’s username/password; and **CVE-2026-24135** (CVSS 7.2) is a wiki rename path traversal that can delete arbitrary files by manipulating `old_title`. Separately, *Jinjava* (HubSpot CMS template engine) disclosed **CVE-2026-25526** (CVSS 9.8), a sandbox escape chain that permits arbitrary Java code execution by abusing `ForTag` iteration behavior (Bean ELResolver restriction bypass) and `ObjectMapper`-based JSON deserialization to instantiate disallowed classes. A critical Kubernetes storage issue was also disclosed in *Kubernetes Local Path Provisioner*: **CVE-2025-62878** (CVSS 10.0) allows directory traversal via the `parameters.pathPattern` setting, enabling a user who can create storage resources to provision volumes in arbitrary host locations (e.g., `/etc`) and potentially overwrite sensitive files on cluster nodes. In parallel to these product flaws, separate research reported widespread **exposure of Git metadata** on the public internet—approximately **4.96 million** IPs with accessible `.git` directories and **250,000+** exposing `.git/config` files that may contain deployment credentials—highlighting a common, high-impact misconfiguration pattern that can enable source code reconstruction and secret theft. 
Separately, active exploitation was reported against *Ivanti Endpoint Manager Mobile (EPMM)* involving **CVE-2026-1281** and **CVE-2026-1340**, where attackers were observed dropping `/mifs/403.jsp` and using a Base64-delivered Java class loader designed for delayed, in-memory activation rather than immediate interactive webshell use.

1 month ago
