- Description
- A malicious user can manipulate the parameters.pathPattern to create PersistentVolumes in arbitrary locations on the host node, potentially overwriting sensitive files or gaining access to unintended directories.
- Source
- meissner@suse.de
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.9
- Impact score
- 6
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- meissner@suse.de
- CWE-23
- Hype score
- Not currently trending
CVE-2025-62878 (CVSS:9.9, CRITICAL) is Awaiting Analysis. A malicious user can manipulate the parameters.pathPattern to create PersistentVolumes in arbitrary locations on the hos..https://t.co/7IP4QXeoup #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
2 Mar 2026
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-62878 A malicious user can manipulate the parameters.pathPattern to create PersistentVolumes in arbitrary locations on the host node, potentially overwriting sensitive file… https://t.co/qRMiqpbEG0
@CVEnew
25 Feb 2026
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
**CVE-2025-62878** is a critical security flaw affecting systems that utilize a specific component responsible for managing PersistentVolumes (PVs). The vulnerability arises from the improper handling of the `parameters.pathPattern`, allowing a malicious user to manipulate this
@CveTodo
25 Feb 2026
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-62878 Path Traversal in Local Path Provisioner Allows Arbitrary File Access via pathPattern Parameter https://t.co/kOSNga9PcD
@VulmonFeeds
12 Feb 2026
36 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 خطورة عالية في Kubernetes Local Path Provisioner تم اكتشاف ثغرة أمنية خطيرة جداً CVE-2025-62878، ذات تصنيف 10.0، في مكون أساسي لتخزين Kubernetes. تسمح هذه الثغرة بالوصول غير المصرح
@MisbarSec
11 Feb 2026
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-62878: Kubernetes ローカルパスプロビジョナーに重大な 10.0 の脆弱性が発見されました CVE-2025-62878: Critical 10.0 Vulnerability Found in Kubernetes Local Path Provisioner #DailyCyberSecurity (Feb 9) https://t.co/3MdjUnzPiH
@foxbook
10 Feb 2026
244 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-62878: Critical 10.0 Vulnerability Found in Kubernetes Local Path Provisioner https://t.co/R9pmhgbYhA
@Karma_X_Inc
9 Feb 2026
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVSS 10.0 Alert: Kubernetes Local Path Provisioner flaw (CVE-2025-62878) allows host file overwrites. Upgrade to v0.0.34 immediately. #Kubernetes #K8s #CyberSecurity #CVE202562878 #CloudSecurity #InfoSec #DevSecOps https://t.co/OKDsSrbLaw
@the_yellow_fall
9 Feb 2026
527 Impressions
1 Retweet
8 Likes
1 Bookmark
1 Reply
0 Quotes
Rancher Local Path Provisioner has a critical path traversal vulnerability (CVE-2025-62878). Threat actors with cluster access may exploit this. Update to 0.0.34. #Kubernetes #CloudNative #Security https://t.co/zdBi9wrOVw
@pulsepatchio
5 Feb 2026
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes