RCE in Kubernetes-sigs Headlamp

CVE-2025-53542

Headlamp is an extensible Kubernetes web UI. A command injection vulnerability was discovered in the codeSign.js script used in the macOS packaging workflow of the Kubernetes Headlamp project. This issue arises due to the improper use of N…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.007 (47.4th percentile), i.e. an estimated 0.7% probability of exploitation activity in the wild within the next 30 days.

CVSS v3 metric

CVSS v3 base score 7.7 (High). Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H. Read as: local attack vector, high attack complexity, no privileges required, user interaction required, changed scope, and high confidentiality, integrity and availability impact. The local vector and user-interaction requirement reflect that the injection sits in the macOS packaging workflow, so an attacker needs to influence the inputs that the signing script consumes; the changed scope reflects that the injected commands run on the build or release host rather than inside the Headlamp application.

Weakness classification (CWE): CWE-78, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

Frequently asked questions

What is CVE-2025-53542?
CVE-2025-53542 is a high-severity vulnerability in Kubernetes-sigs Headlamp, classified under OS Command Injection. CVSS score: 7.7/10. Published 2025-07-10.
How severe is CVE-2025-53542?
High severity. CVSS v3 base score is 7.7 out of 10.