Medium severity6.5OSV Advisory· Published Dec 16, 2025· Updated Apr 15, 2026

CVE-2025-14758

Description

Incorrect configuration of replication security in the MariaDB component of the infra-operator in YAOOK Operator allows an on-path attacker to read database contents, potentially including credentials

Affected products

Yaook/OperatorOSV
Range: 0.20240809.0, 0.20240919.2, 0.20241021.0, …

Patches

5544d2cda04a

https://gitlab.com/yaook/operatorvia osv

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

gitlab.com/yaook/operator/-/issues/631nvd

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000