Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
4177 articles · 176190 vulns · 36/41 feeds (7d)
← Back to list
—
CVE-2026-44934EXPLOITEDPATCHED
su · rancher

Exposed tokens in SUSE Rancher AI Agent logs

Description

A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials.

Affected Products

VendorProductVersions
surancher1.0.0

References

  • https://github.com/rancher/rancher-ai-agent/security/advisories/GHSA-5r2r-h824-fr5v(vendor-advisory)

Related News (1 articles)

Tier C
VulDB9d ago
CVE-2026-44934 | SUSE Rancher AI Agent up to 1.0.1 information disclosure
→ No new info (linked only)
CISA KEV❌ No
Actively exploited✅ Yes
Patch available
1.0.2
CWECWE-215
PublishedJul 6, 2026
Last enriched9d agov2
Tags
information disclosure
Trending Score9
Source articles1
Independent1
Info Completeness8/14
Missing: cvss, epss, kev, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

HIGHPRE-CVE
Local Denial-of-Service Attack Vectors in seunshare
Trending: 27
NONECVE-2026-59674
LPE from suricata user to root due to chown in %post in suricata packaging
Trending: 22
NONECVE-2025-8412
VMDP: Potential buffer overflow in the RtlQueryRegistryValues function
Trending: 18
CRITICALCVE-2026-44937EXP
SUSE Rancher Fleet had an Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components
Trending: 12
MEDIUMCVE-2026-44936EXP
Rancher Fleet SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml
Trending: 10

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jul 6, 2026
Discovered by ZDM
Jul 6, 2026
Updated: severity, activelyExploited, affectedVersions, tags
Jul 6, 2026
Actively Exploited
Jul 6, 2026
Patch Available
Jul 6, 2026

Version History

v2
Last enriched 9d ago
v2Tier C9d ago

Updated severity to HIGH, marked as actively exploited, and added affected version 1.0.1 with new tag 'information disclosure'.

severityactivelyExploitedaffectedVersionstags
via VulDB
v19d ago

Initial creation