CVE-2026-44934
HIGH
7.0
CVSS 4.0
Description
A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials.
Metadata
Severity & Metrics
7.0
HIGH CVSS 4.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| SUSE | Rancher | — | 1.0.0 < 1.0.2 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-215 | cna | CWE-215 Insertion of sensitive information into debugging code |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 7.0 | HIGH | 4.0 | cna | CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H |