{"id":"CVE-2025-9615","details":"A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.","modified":"2026-04-22T18:29:13.536822823Z","published":"2026-01-26T20:16:09.207Z","related":["SUSE-SU-2026:1419-1","SUSE-SU-2026:1420-1","SUSE-SU-2026:1427-1","SUSE-SU-2026:1443-1","SUSE-SU-2026:21113-1","SUSE-SU-2026:21121-1","SUSE-SU-2026:21203-1","openSUSE-SU-2025:15822-1","openSUSE-SU-2026:10051-1","openSUSE-SU-2026:10295-1","openSUSE-SU-2026:20547-1"],"references":[{"type":"WEB","url":"https://access.redhat.com/security/cve/CVE-2025-9615"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2391503"},{"type":"REPORT","url":"https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1809"},{"type":"FIX","url":"https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2324"},{"type":"FIX","url":"https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2327"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-9615.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}]}