๐Ÿ” CVE Alert

CVE-2026-44937

UNKNOWN 0.0

SUSE Rancher Fleet had an Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Potential forgery of webhook requests when using a unauthenticated webhook in SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.5 could be used by remote attackers to cause a denial of service or a downgrade attack on other repositories on the system.

CWE CWE-918
Vendor suse
Product rancher
Published Jul 6, 2026
Last Updated Jul 6, 2026
Stay Ahead of the Next One

Get instant alerts for suse rancher

Be the first to know when new unknown vulnerabilities affecting suse rancher are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

SUSE / Rancher
0.15.0 < 0.15.2 0.14.0 < 0.14.6 0.13.0 < 0.13.11 0.12.0 < 0.12.15

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/rancher/fleet/security/advisories/GHSA-jmf4-m7j9-g72r