CVE-2025-12805 — HIGH (8.1)

Vulnerability Description

A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other namespaces via direct network requests, because no NetworkPolicy restricts access to the llama-stack service endpoint. As a result, a user in one namespace can access another user’s Llama Stack instance and potentially view or manipulate sensitive data.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Redhat	Openshift Ai	2.25

Related Weaknesses (CWE)

CWE-653

References

https://access.redhat.com/errata/RHSA-2026:2106Vendor Advisory
https://access.redhat.com/errata/RHSA-2026:2695Vendor Advisory
https://access.redhat.com/security/cve/CVE-2025-12805Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2413101ExploitIssue TrackingVendor Advisory

FAQ

What is CVE-2025-12805?

CVE-2025-12805 is a vulnerability with a CVSS score of 8.1 (HIGH). A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other namespaces via direct network requests, b...

How severe is CVE-2025-12805?

CVE-2025-12805 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-12805?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Openshift Ai.