{"api_version":"1","generated_at":"2026-07-12T19:40:00+00:00","cve":"CVE-2026-44935","urls":{"html":"https://cve.report/CVE-2026-44935","api":"https://cve.report/api/cve/CVE-2026-44935.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-44935","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-44935"},"summary":{"title":"Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer","description":"Missing validation of \"valuesFrom\" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants.","state":"PUBLISHED","assigner":"suse","published_at":"2026-07-02 17:16:59","updated_at":"2026-07-06 12:44:21"},"problem_types":["CWE-1287","CWE-1287 CWE-1287 Improper validation of specified type of input"],"metrics":[{"version":"3.1","source":"meissner@suse.de","type":"Secondary","score":"9.9","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"9.9","severity":"CRITICAL","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.9,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","version":"3.1"}}],"references":[{"url":"https://github.com/rancher/fleet/security/advisories/GHSA-xr65-5cpm-g36x","name":"https://github.com/rancher/fleet/security/advisories/GHSA-xr65-5cpm-g36x","refsource":"meissner@suse.de","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-44935","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44935","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"SUSE","product":"Rancher","version":"affected 0.15.0 0.15.2 semver","platforms":[]},{"source":"CNA","vendor":"SUSE","product":"Rancher","version":"affected 0.14.0 0.14.6 semver","platforms":[]},{"source":"CNA","vendor":"SUSE","product":"Rancher","version":"affected 0.13.0 0.13.11 semver","platforms":[]},{"source":"CNA","vendor":"SUSE","product":"Rancher","version":"affected 0.12.0 0.12.15 semver","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"44935","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"suse","cpe5":"rancher_fleet","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"44935","cve":"CVE-2026-44935","epss":"0.005720000","percentile":"0.431420000","score_date":"2026-07-05","updated_at":"2026-07-06 00:01:19"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-44935","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-07-02T00:00:00+00:00","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-07-03T03:56:15.397Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","packageName":"Fleett","product":"Rancher","repo":"https://github.com/rancher/fleet/","vendor":"SUSE","versions":[{"lessThan":"0.15.2","status":"affected","version":"0.15.0","versionType":"semver"},{"lessThan":"0.14.6","status":"affected","version":"0.14.0","versionType":"semver"},{"lessThan":"0.13.11","status":"affected","version":"0.13.0","versionType":"semver"},{"lessThan":"0.12.15","status":"affected","version":"0.12.0","versionType":"semver"}]}],"datePublic":"2026-05-28T15:26:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<div><br>Missing validation of \"valuesFrom\" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants.</div>"}],"value":"Missing validation of \"valuesFrom\" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.9,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-1287","description":"CWE-1287 Improper validation of specified type of input","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-07-02T16:01:11.745Z","orgId":"404e59f5-483d-4b8a-8e7a-e67604dd8afb","shortName":"suse"},"references":[{"tags":["vendor-advisory"],"url":"https://github.com/rancher/fleet/security/advisories/GHSA-xr65-5cpm-g36x"}],"source":{"discovery":"EXTERNAL"},"title":"Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer","x_generator":{"engine":"Vulnogram 1.0.2"}}},"cveMetadata":{"assignerOrgId":"404e59f5-483d-4b8a-8e7a-e67604dd8afb","assignerShortName":"suse","cveId":"CVE-2026-44935","datePublished":"2026-07-02T16:00:06.751Z","dateReserved":"2026-05-08T12:29:48.967Z","dateUpdated":"2026-07-03T03:56:15.397Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-07-02 17:16:59","lastModifiedDate":"2026-07-06 12:44:21","problem_types":["CWE-1287","CWE-1287 CWE-1287 Improper validation of specified type of input"],"metrics":{"cvssMetricV31":[{"source":"meissner@suse.de","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T00:00:00+00:00","id":"CVE-2026-44935","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:suse:rancher_fleet:*:*:*:*:*:*:*:*","versionStartIncluding":"0.12.0","versionEndExcluding":"0.12.15","matchCriteriaId":"8DE7373C-74E0-4B59-AF44-ECB9AC0130B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:suse:rancher_fleet:*:*:*:*:*:*:*:*","versionStartIncluding":"0.13.0","versionEndExcluding":"0.13.11","matchCriteriaId":"D76AA40B-6291-46DC-BE27-BF4B8F6A8B23"},{"vulnerable":true,"criteria":"cpe:2.3:a:suse:rancher_fleet:*:*:*:*:*:*:*:*","versionStartIncluding":"0.14.0","versionEndExcluding":"0.14.6","matchCriteriaId":"F267A8DC-9A24-4A98-B765-CEEC0EBC2576"},{"vulnerable":true,"criteria":"cpe:2.3:a:suse:rancher_fleet:*:*:*:*:*:*:*:*","versionStartIncluding":"0.15.0","versionEndExcluding":"0.15.2","matchCriteriaId":"BE1A7C49-CBBF-45BA-91F1-D2DA940BE908"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"44935","Ordinal":"1","Title":"Rancher Fleet vulnerable to cross namespace secret disclosure vi","CVE":"CVE-2026-44935","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"44935","Ordinal":"1","NoteData":"Missing validation of \"valuesFrom\" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants.","Type":"Description","Title":"Rancher Fleet vulnerable to cross namespace secret disclosure vi"}]}}}