CVE-2025-12805 HIGH

CVE-2025-12805: Llama-stack-k8s-operator: Llama Stack service exposed across namespaces due to missing NetworkPolicy

Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Weakness CWE-653
Published March 26, 2026
Last update March 31, 2026

CVSS base score

8.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

What the vulnerability does

01 Description

A flaw was found in the llama-stack-k8s-operator shipped with Red Hat OpenShift AI (RHOAI). The operator deploys the Llama Stack server behind a Kubernetes Service but creates no NetworkPolicy for it. Because Kubernetes permits all pod-to-pod traffic unless a NetworkPolicy selects the destination pods, the llama-stack service endpoint is reachable from pods in every namespace of the cluster. Any authenticated user who can run a pod in some other namespace can therefore send requests directly to another user's Llama Stack instance and view or manipulate the data it holds. This is an isolation failure (CWE-653, Improper Isolation or Compartmentalization) rather than an authentication bug in Llama Stack itself, which is why the CVSS vector shows a network attack vector, low privileges (a namespace of one's own), no user interaction, and high confidentiality and integrity impact.
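The mitigation the description points at is a NetworkPolicy that restricts ingress to the Llama Stack pods. The manifest below is an added illustration of that control, not the operator's own manifest or Red Hat's fix. It assumes a namespace named team-a and that the operator labels the Llama Stack server pods app.kubernetes.io/name=llama-stack; both values are assumptions and must be replaced with what the deployed pods actually carry.

```yaml
# Added example, not the operator's own manifest: a NetworkPolicy that limits
# ingress to the Llama Stack pods to clients in the same namespace.
# Assumptions (not from the advisory): the namespace is "team-a" and the
# operator labels the Llama Stack pods app.kubernetes.io/name=llama-stack.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: llama-stack-same-namespace-only
  namespace: team-a
spec:
  # Select the Llama Stack server pods. Once any policy selects a pod,
  # all ingress not matched by a rule is denied; the label value is assumed.
  podSelector:
    matchLabels:
      app.kubernetes.io/name: llama-stack
  policyTypes:
    - Ingress
  ingress:
    # Rule 1: any pod in this namespace. A bare podSelector with no
    # namespaceSelector is scoped to the policy's own namespace, so pods in
    # other namespaces no longer match.
    - from:
        - podSelector: {}
    # Rule 2 (optional): the OpenShift router, needed only if the instance is
    # exposed through a Route. This is the label OpenShift applies to the
    # openshift-ingress namespace; drop the rule if no Route is used.
    - from:
        - namespaceSelector:
            matchLabels:
              network.openshift.io/policy-group: ingress
```

Apply it with `oc apply -f` and confirm it exists with `oc get networkpolicy -n team-a`. To verify the effect, run a throwaway pod in a different namespace and curl the Service DNS name (`<service>.team-a.svc`); the request should now time out, whereas a pod inside team-a still gets a response. Two caveats: NetworkPolicy is only enforced by a CNI that supports it (OVN-Kubernetes on OpenShift does), and the policy is per namespace, so every namespace that hosts a Llama Stack instance needs its own copy, or the operator must generate it alongside the Service.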

Key dates

02 Disclosure timeline

March 26, 2026 CVE published
March 31, 2026 Record updated