Vulnerability in Opensuse Tumbleweed

CVE-2025-46810

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of openSUSE Tumbleweed traefik2 allows the traefik user to escalate to root. This issue affects Tumbleweed: from ? before 2.11.29.

EPSS: 0.002 (4.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2025-46810?
CVE-2025-46810 is a vulnerability in Opensuse Tumbleweed, classified under UNIX Symbolic Link (Symlink) Following. Published 2025-09-02.
Is CVE-2025-46810 known to be exploited?
1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.