{"vulnerability": "cve-2025-46599", "sightings": [{"uuid": "c2e86db9-fa2d-4246-865e-01f4327a2167", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46599", "type": "seen", "source": "https://t.me/cvedetector/23735", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-46599 - K3s Kubernetes Kubelet ReadWritePort Remote Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-46599 \nPublished : April 25, 2025, 5:15 a.m. | 1\u00a0hour, 32\u00a0minutes ago \nDescription : CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might allow unauthenticated access to this port, exposing credentials. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-25T09:09:17.000000Z"}, {"uuid": "734ea65c-0c86-4ccc-8bb3-3fbe23a83393", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46599", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13376", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-46599\n\ud83d\udd25 CVSS Score: 6.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\ud83d\udd39 Description: CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configuration change with the unintended consequence that, in some situations, ReadOnlyPort is set to 10255. For example, the default behavior of a K3s online installation might allow unauthenticated access to this port, exposing credentials.\n\ud83d\udccf Published: 2025-04-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-25T04:27:34.356Z\n\ud83d\udd17 References:\n1. https://github.com/f1veT/BUG/issues/2\n2. https://cloud.google.com/kubernetes-engine/docs/how-to/disable-kubelet-readonly-port\n3. https://github.com/k3s-io/k3s/issues/12164\n4. https://github.com/k3s-io/k3s/commit/097b63e588e3c844cdf9b967bcd0a69f4fc0aa0a\n5. https://github.com/k3s-io/k3s/compare/v1.32.3+k3s1...v1.32.4-rc1+k3s1", "creation_timestamp": "2025-04-25T05:08:56.000000Z"}, {"uuid": "62a7450b-2528-40f3-aff3-f13ca92dbba2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-46599", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnmiyzwz5qs2", "content": "", "creation_timestamp": "2025-04-25T05:42:37.248066Z"}]}