CVE-2025-14243

MEDIUM NVD

CVSS Score 5.3

Severity MEDIUM

Published Apr 08, 2026

Vendor unknown

Description

A flaw was found in the OpenShift Mirror Registry. This vulnerability allows an unauthenticated, remote attacker to enumerate valid usernames and email addresses via different error messages during authentication failures and account creation.

References

https://access.redhat.com/security/cve/CVE-2025-14243
https://bugzilla.redhat.com/show_bug.cgi?id=2419829