CVE-2026-44939 | SUSE Rancher up to 2.14.1 {token}_{clusterId}.yaml eval injection (GHSA-mhc6-2gfq-xx62)

A vulnerability was found in SUSE Rancher up to 2.10.11/2.11.13/2.12.9/2.13.5/2.14.1 and classified as very critical. This impacts an unknown function of the file /v3/import/{token}_{clusterId}.yaml. The manipulation results in improper neutralization of directives in dynamically evaluated code.

This vulnerability was named CVE-2026-44939. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More