oM noM Security Feeds cve
vulnerability context

CVE-2026-44935

CVSS 9.9 CRITICALCWE-1287

Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants.

Published 2026-07-02 · last modified 2026-07-02

details

CISA KEV status
Not in catalog
CVSS v3
9.9 / CRITICAL
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CWE
CWE-1287
OTX pulses
0 total, 0 recent

source mentions 2

source consensus

  • Bluesky
  • GitHub Advisories
Want the 3-bullet summary of CVE-2026-44935, plus webhook alerts when KEV is updated? Pro is $10/mo.