Back to CVE List

CVE-2026-44949

Vulnerability Description

A Rancher FleetWorkspace admission path allowed side effects to occur in
the Rancher webhook handler for versions 0.7.0 up to 0.7.10, 0.8.0 up to 0.8.7, 0.9.0 up to 0.9.6 and 0.10.0 up to 0.10.7. An unauthenticated attacker with network access to
the in-cluster rancher-webhook service
could submit a crafted admission payload and cause workspace-related
Kubernetes objects to be created with attacker-chosen identity data.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-306
Source
NVD
Vendor
SUSE
Product
Rancher

External References

Discussion (0)

Add Comment

No comments yet. Be the first!