Redhat Openshift Virtualization — known CVE vulnerabilities
Every CVE whose affected-product data names Redhat Openshift Virtualization, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2020-14316 — CVSS 9.9 (critical): A flaw was found in kubevirt 0.29 and earlier. Virtual Machine Instances (VMIs) can be used to gain access to the host's filesystem…
CVE-2026-13325 — CVSS 8.5 (high): A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom…
CVE-2026-13201 — CVSS 7.3 (high): A flaw was found in KubeVirt's safepath package used by virt-handler. The OpenAtNoFollow function uses O_PATH|O_NOFOLLOW to obtain a file…
CVE-2020-1742 — CVSS 7.0 (high): An insecure modification vulnerability flaw was found in containers using nmstate/kubernetes-nmstate-handler. An attacker with access to…
CVE-2026-13208 — CVSS 6.5 (medium): A flaw was found in KubeVirt's virt-handler domain notify server. The gRPC handlers for HandleDomainEvent and HandleK8SEvent derive the VMI…
CVE-2026-13318 — CVSS 6.4 (medium): A server-side request forgery (SSRF) flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to…
CVE-2023-48795 — CVSS 5.9 (medium): The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to…
CVE-2026-13434 — CVSS 4.9 (medium): A flaw was found in KubeVirt's network annotation generator. When a tenant creates a VirtualMachineInstance with a Multus network…
CVE-2026-13218 — CVSS 4.2 (medium): A flaw was found in KubeVirt's virt-handler network cache handling. The WriteToCachedFile function writes data to a launcher-rooted path…
CVE-2026-13322 — CVSS 3.8 (low): A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine()…