Command-Line Credential Exposure in NeuVector Scanner by NeuVector
CVE-2025-67860

3.8LOW

Key Information:

Vendor: Suse
Status: Harvester
Vendor: CVE Published:; 25 February 2026

What is CVE-2025-67860?

A vulnerability in the NeuVector scanner allows the scanner process to accept registry and controller credentials as command-line arguments. This could unintentionally expose sensitive credentials to local users, thereby posing a significant risk to the integrity and confidentiality of user data. Organizations using this product should promptly review their security practices and ensure that sensitive information is not passed as command-line arguments to mitigate potential exposure.

Affected Version(s)

harvester 4.0 < 4.072

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-67860

https://github.com/harvester/harvester/security/advisorie...

CVSS V3.1

Score:

3.8

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 25, 2026
Vulnerability Reserved
Dec 12, 2025

CVE-2025-67860 Data

JSON

Suse

What is CVE-2025-67860?

Affected Version(s)

References

CVSS V3.1

Timeline