cvedb.io
CVE-2025-62877
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2026-01-08T13:15:41.923 · Last modified 2026-06-17T09:52:34.717

Summary

Projects using the SUSE Virtualization (Harvester) environment may expose the OS default ssh login password  if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster. The environment is not affected if the PXE boot mechanism is utilized along with the Harvester configuration setup.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.