All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-44935
CRITICALpublished 2026-07-02 17:16 UTC · 2 days ago · modified 2026-07-03 04:17 UTC
9.9
CVSS / 10
// description
Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other tenants.
// weaknesses (CWE)
- CWE-1287