CVE-2026-44937
SUSE Rancher Fleet had an Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Potential forgery of webhook requests when using a unauthenticated webhook in SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.5 could be used by remote attackers to cause a denial of service or a downgrade attack on other repositories on the system.
| CWE | CWE-918 |
| Vendor | suse |
| Product | rancher |
| Published | Jul 6, 2026 |
| Last Updated | Jul 6, 2026 |
Stay Ahead of the Next One
Get instant alerts for suse rancher
Be the first to know when new unknown vulnerabilities affecting suse rancher are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
SUSE / Rancher
0.15.0 < 0.15.2 0.14.0 < 0.14.6 0.13.0 < 0.13.11 0.12.0 < 0.12.15