CVE-2025-62878 – Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern

CVE ID : CVE-2025-62878

Published : Feb. 25, 2026, 10:49 a.m. | 18 minutes ago

Description : A malicious user can manipulate the parameters.pathPattern to create PersistentVolumes in arbitrary locations on the host node, potentially overwriting sensitive files or gaining access to unintended directories.

Severity: 9.9 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-2624 – Authentication Bypass in ePati’s Antikor NGFW

CVE-2026-21725 – Authorization Bypass via TOCTOU in Grafana Datasource Deletion by Name

CVE-2026-0704 – Octopus Deploy File Traversal Vulnerability

CVE-2026-3118 – Rhdh: graphql injection leading to platform-wide denial of service (dos) in rh developer hub orchestrator plugin