kubevirt-1.6 (SUSE:Linux Enterprise Module for Containers 15 SP7) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Containers 15 SP7 package kubevirt-1.6, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2026-7374 — CVSS 9.9 (critical): A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a…
CVE-2026-33186 — CVSS 9.1 (critical): gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input…
CVE-2025-47913 — CVSS 7.5 (high): SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.
CVE-2025-58190 — CVSS 5.3 (medium): The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of…
CVE-2025-58181 — CVSS 5.3 (medium): SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker…
CVE-2025-47914 — CVSS 5.3 (medium): SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the…
CVE-2025-47911 — CVSS 5.3 (medium): The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial…