CVE-2025-10725 · CRITICAL 9.9 · EPSS p47.8%

Description

A flaw was found in Red Hat OpenShift AI Service. A low-privileged attacker with access to an authenticated account, for example as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster administrator. This allows for the complete compromise of the cluster's confidentiality, integrity, and availability. The attacker can steal sensitive data, disrupt all services, and take control of the underlying infrastructure, leading to a total breach of the platform and all applications hosted on it.

Scoring

CVSS 3.1: 9.9 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS: 0.69% probability of exploitation · percentile 47.8% · 2026-06-18T12:00:27Z
Published: 2025-09-30
Last modified: 2026-04-15

Underlying weaknesses · 1

CWE-266

References

  1. https://access.redhat.com/errata/RHSA-2025:16981
  2. https://access.redhat.com/errata/RHSA-2025:16982
  3. https://access.redhat.com/errata/RHSA-2025:16983
  4. https://access.redhat.com/errata/RHSA-2025:16984
  5. https://access.redhat.com/errata/RHSA-2025:17501
  6. https://access.redhat.com/security/cve/CVE-2025-10725
  7. https://bugzilla.redhat.com/show_bug.cgi?id=2396641
  8. https://github.com/opendatahub-io/opendatahub-operator/commit/070057ebd0882be0e397bee1daa18c36374a03c0

Type: Weakness · Target: Incorrect Privilege Assignment (cwe-266) · Confidence: 0% · Tier: live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2025-12805
  2. CVE-2026-5483
  3. CVE-2025-13888
  4. CVE-2025-11393
  5. CVE-2025-53767
  6. CVE-2025-49746

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.