Known Vulnerabilities for Rancher K3s by Suse
Listed below are 1 of the newest known vulnerabilities associated with "Rancher K3s" by "Suse".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-44949 json | A Rancher FleetWorkspace admission path allowed side effects to occur in the Rancher webhook handler for versions 0.7.0 up t... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2026-44948 json | A path traversal vulnerability was found in Fleet's ImageScan subsystem in Rancher Fleet 0.12.0 up to 0.12.16, 0.13.0 up to 0... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2026-44947 json | A missing clean-up in the legacy Project Role Template Binding (PRTB) reconciler in Rancher versions 2.13.0 up to 2.13.7 and... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2026-44946 json | A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service (ACS) handler did not enforce one-time u... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-44939 json | A command injection vulnerability in the Rancher Manager cluster before 2.14.2 import endpoint /v3/import/{token}_{clusterId... | Not Provided | 2026-06-19 | 2026-06-24 |
| CVE-2026-44937 json | Potential forgery of webhook requests when using a unauthenticated webhook in SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 bef... | Not Provided | 2026-07-06 | 2026-07-06 |
| CVE-2026-44936 json | Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.... | Not Provided | 2026-07-06 | 2026-07-06 |
| CVE-2026-44935 json | Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, ... | Not Provided | 2026-07-02 | 2026-07-03 |
| CVE-2026-44934 json | A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM resp... | Not Provided | 2026-07-06 | 2026-07-06 |
| CVE-2026-44543 json | Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a ... | Not Provided | 2026-05-28 | 2026-05-30 |