CVE-2026-44935

Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants.
Configurations

No configuration.

History

02 Jul 2026, 17:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-07-02 17:16

Updated : 2026-07-03 04:17


NVD link : CVE-2026-44935

Mitre link : CVE-2026-44935

CVE.ORG link : CVE-2026-44935


JSON object : View

Products Affected

No product.

CWE
CWE-1287

Improper Validation of Specified Type of Input