CVE-2026-44948

UNKNOWN 0.0

Path Traversal in Rancher Fleet ImageScan GitRepo Path Handler

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A path traversal vulnerability was found in Fleet's ImageScan subsystem in Rancher Fleet 0.12.0 up to 0.12.16, 0.13.0 up to 0.13.12, 0.14.0 up to 0.14.7 and 0.15.0 up to 0.15.3 could be used to traverse outside of the intended directory, causing a denial of service.

CWE	CWE-23
Vendor	suse
Product	rancher
Published	Jun 30, 2026
Last Updated	Jun 30, 2026

Stay Ahead of the Next One

Get instant alerts for suse rancher

Be the first to know when new unknown vulnerabilities affecting suse rancher are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

SUSE / Rancher

0.12.0 < 0.12.16 0.13.0 < 0.13.12 0.14.0 < 0.14.7 0.15.0 < 0.15.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/rancher/fleet/security/advisories/GHSA-c45g-6c2c-rj3p

Credits

Sergey Kanibor