Upstream information

CVE-2026-44949 at MITRE

Description

A Rancher FleetWorkspace admission path allowed side effects to occur in
the Rancher webhook handler for versions 0.7.0 up to 0.7.10, 0.8.0 up to 0.8.7, 0.9.0 up to 0.9.6 and 0.10.0 up to 0.10.7. An unauthenticated attacker with network access to
the in-cluster rancher-webhook service
could submit a crafted admission payload and cause workspace-related
Kubernetes objects to be created with attacker-chosen identity data.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

CVSS v4 Scores
CVSS detail CNA (SUSE)
Base Score 7
Vector CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Attack Requirements Present
Privileges Required Low
User Interaction None
Vulnerable System Confidentiality Impact None
Vulnerable System Integrity Impact High
Vulnerable System Availability Impact None
Subsequent System Confidentiality Impact None
Subsequent System Integrity Impact High
Subsequent System Availability Impact None
CVSSv4 Version 4.0
SUSE Bugzilla entry: 1268513 [NEW]

No SUSE Security Announcements cross referenced.


SUSE Timeline for this CVE

CVE page created: Thu Jun 18 11:30:27 2026
CVE page last modified: Tue Jun 30 20:41:19 2026