CVE 9.4 CRITICAL

Rancher Privilege Escalation from Project Owner to Host (CVE-2026-41052)

9.4 / 10
CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Description

Improper privilege handling could allow users with the Project Owner role to escalate privileges in Rancher versions 2.14 before 2.14.2, 2.13 before 2.13.6, and 2.12 before 2.12.10.

AI Analysis

Privilege escalation vulnerability in Rancher due to improper privilege handling

Basic Information

ID CVE-2026-41052
Source suse
Published Jun 29, 2026 at 15:41
Modified Jun 29, 2026 at 16:22

Affected Product

Vendor SUSE
Product Rancher
Version 2.12.0
Affected Versions SUSE Rancher 2.12.0, SUSE Rancher 2.13.0, SUSE Rancher 2.14.0

CWE Classification

AI Assessment

AI Score 9.4 / 10
AI Severity Critical
Vendor SUSE
Product Rancher
Version 2.12.0, 2.13.0, 2.14.0
