Loading market data...
← Back to CVE feed

CVE-2026-44935

CRITICAL CVSS 9.9 View on NVD ↗

Description

Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Published: Jul 02, 2026 17:16 UTC Modified: Jul 03, 2026 04:17 UTC