CVE-2026-44936
Rancher Fleet SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml
CVSS Score
5.0
EPSS Score
0.0%
EPSS Percentile
0th
Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials (BasicAuth) to any URL specified in the helm.repo field of a fleet.yaml file, allowing attackers able to push to fleet monitored git repos to leak helm access credentials.
| CWE | CWE-918 |
| Vendor | suse |
| Product | rancher |
| Published | Jul 6, 2026 |
| Last Updated | Jul 6, 2026 |
Stay Ahead of the Next One
Get instant alerts for suse rancher
Be the first to know when new medium vulnerabilities affecting suse rancher are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
None
Availability
None
Affected Versions
SUSE / Rancher
0.15.0 < 0.15.2 0.14.0 < 0.14.6 0.13.0 < 0.13.11 0.12.0 < 0.12.15