CVE-2025-14525

Description

KubeVirt Guest Agent DoS via Excessive Network Interface Reports in kubevirt.io/kubevirt

How to fix CVE-2025-14525

No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.

• Go/kubevirt.io/kubevirt—no fix listed
• —no fix listed

Is CVE-2025-14525 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

• from 0, <= 1.7.0
• from 0

CVSS scores

References (6)

• ADVISORYgithub.com/advisories/GHSA-25mh-hp8x-cgrv
• ADVISORYnvd.nist.gov/vuln/detail/CVE-2025-14525
• PATCHgithub.com/kubevirt/kubevirt
• WEBaccess.redhat.com/security/cve/CVE-2025-14525
• WEB