PT-2025-34113 · Cryostat · Cryostat
Published: 2025-08-20 · Updated: 2025-12-23 · CVE-2025-8415
CVSS v3.1: 5.9 (Medium)
Vector: AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions:
Cryostat HTTP API (affected versions not specified)
Description:
Cryostat’s HTTP API binds to all network interfaces, potentially allowing external visibility and access to the API port if Network Policies are disabled. This could allow an unauthenticated, malicious attacker to compromise the environment.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
Cryostat