Unauthorized Access Vulnerability in Red Hat OpenShift AI Llama Stack Operator
CVE-2025-12805

8.1 HIGH

What is CVE-2025-12805?

A flaw in Red Hat OpenShift AI's Llama Stack Operator enables unauthorized users to bypass namespace barriers, allowing them to access Llama Stack services directly through network requests. The absence of a NetworkPolicy permits users in one namespace to interact with Llama Stack instances belonging to other namespaces, potentially exposing sensitive data and functionality to unauthorized parties.

Affected Version(s)

Red Hat OpenShift AI 2.25 sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744

Red Hat OpenShift AI 2.25 sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92

CVSS V3.1

Score: 8.1
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
