CVE-2026-13325 - Virt-handler-rhel9: kubevirt: kubevirt: disabletls migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfaces
CVE ID :CVE-2026-13325 Published : June 26, 2026, 10:41 a.m. | 30 minutes ago Description :A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the target virt-handler binds a plain TCP listener on all...