Loading market data...
← Back to CVE feed

CVE-2026-44949

UNKNOWN View on NVD ↗

Description

A Rancher FleetWorkspace admission path allowed side effects to occur in the Rancher webhook handler for versions 0.7.0 up to 0.7.10, 0.8.0 up to 0.8.7, 0.9.0 up to 0.9.6 and 0.10.0 up to 0.10.7. An unauthenticated attacker with network access to the in-cluster rancher-webhook service could submit a crafted admission payload and cause workspace-related Kubernetes objects to be created with attacker-chosen identity data.

Published: Jun 30, 2026 15:16 UTC Modified: Jun 30, 2026 16:16 UTC