What is the severity of CVE-2025-9276?

CVE-2025-9276 has a CVSS v3 score of 0, which is classified as Low severity.

Is there an exploit available for CVE-2025-9276?

No known public exploits are currently available for CVE-2025-9276.

Is there a patch available for CVE-2025-9276?

Yes, patches are available for CVE-2025-9276. Check the vendor advisories for update instructions.

CVE-2025-9276 - CVE Details, Severity, and Analysis

Published: January 30, 2026

Last updated:1 day ago (January 30, 2026)

Updated January 30, 2026

Strobes VI. (2026). CVE-2025-9276 - CVE Details and Analysis. Strobes VI. Retrieved January 31, 2026, from https://vi.strobes.co/cve/CVE-2025-9276

no major risk factors

Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability. This vulnerability could allow remote attackers to bypass authentication on systems that use the affected version of the Cockroach Labs cockroach-k8s-request-cert container image.

The specific flaw exists within the configuration of the system shadow file. The issue results from a blank password setting for the root user. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-22195.

Vendor	Product
Cockroachlabs	Cockroach K8s Request Cert

NVD: Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability. This vulnerability could allow remote attackers to bypass authentication on systems that use the affected version of the Cockroach Labs cockroach-k8s-request-cert container image. The specific flaw exists within the configuration of the system shadow file. The issue results from a blank password setting for the root user. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-22195.