CVE-2025-53542 | kubernetes-sigs headlamp up to 0.31.0 codeSign.js execSync os command injection (EUVD-2025-21025)

A vulnerability was found in kubernetes-sigs headlamp up to 0.31.0 and classified as critical. Affected by this issue is the function execSync of the file codeSign.js. The manipulation leads to os command injection.

This vulnerability is handled as CVE-2025-53542. Local access is required to approach this attack. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More