Back to overview

CVE-2026-44934

HIGH
7.0
CVSS 4.0
Description
A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials.

Metadata

CVE ID
CVE-2026-44934
State
PUBLISHED
Assigner
suse
Reserved
2026-05-08 12:29 UTC
Published
2026-07-06 08:45 UTC
Last updated
2026-07-06 08:53 UTC
Primary CWE
CWE-215
CWE-215 Insertion of sensitive information into debugging co…
Vendor / Product
SUSE / Rancher
Sources
cve.org  ·  NVD

Severity & Metrics

7.0 HIGH CVSS 4.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
Affected products (1)
VendorProductPlatformVersions
SUSE Rancher 1.0.0 < 1.0.2
Weakness (CWE)
CWESourceDescription
CWE-215 cna CWE-215 Insertion of sensitive information into debugging code
CVSS scores (1)
ScoreSeverityVersionSourceVector
7.0 HIGH 4.0 cna CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
Back to overview