Medium severity5.0NVD Advisory· Published Oct 28, 2025· Updated Apr 23, 2026

CVE-2025-12103

Description

A flaw was found in Red Hat Openshift AI Service. The TrustyAI component is granting all service accounts and users on a cluster permissions to get, list, watch any pod in any namespace on the cluster.

TrustyAI is creating a role trustyai-service-operator-lmeval-user-role and a CRB trustyai-service-operator-default-lmeval-user-rolebinding which is being applied to system:authenticated making it so that every single user or service account can get a list of pods running in any namespace on the cluster

Additionally users can access all persistentvolumeclaims and lmevaljobs

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHSA-2025:21117nvd
access.redhat.com/errata/RHSA-2026:10184nvd
access.redhat.com/security/cve/CVE-2025-12103nvd
bugzilla.redhat.com/show_bug.cginvd

News mentions

No linked articles in our index yet.

cvss	0.325
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000