CVE-2025-62878CRITICAL 9.9EPSS p43.2%

CVE-2025-62878CVE-2025-62878

Description

A malicious user can manipulate the parameters.pathPattern to create PersistentVolumes in arbitrary locations on the host node, potentially overwriting sensitive files or gaining access to unintended directories.

Scoring

CVSS 3.19.9 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS0.58% probability of exploitation · percentile 43.2% · 2026-06-19T12:03:05Z
Published2026-02-25
Last modified2026-04-15

Underlying weaknesses· 1

CWE-23

References

  1. https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-62878
  2. https://github.com/advisories/GHSA-jr3w-9vfr-c746

1

TypeTargetConfidenceTier
WeaknessRelative Path Traversalcwe-230%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-1127
CVE
CVE-2025-62630
CVE
CVE-2025-59171
CVE
CVE-2025-57790
CVE
CVE-2026-22907
CVE
CVE-2025-58423
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.