HackerFeeds
All CVEs

CVE-2026-44935

CRITICAL9.9

Published 2026-07-02 · Updated 2026-07-02 · Source meissner@suse.de

Description

Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants.

CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-1287
View on NVD