PT-2026-53850 · Suse · Rancher

Published

2026-06-30

Updated

2026-06-30

CVE-2026-41053

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Incorrect authentication caching in the team member ship expansion of the Rancher Github authentication provider caused it granting principal access to any logged in user, in 2.13 before 2.13.6 and 2.14 before 2.14.2.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-303

Related Identifiers

CVE-2026-41053

Affected Products

Rancher

PT-2026-53850 · Suse · Rancher

CVE-2026-41053

Weakness Enumeration

Related Identifiers

Affected Products

References · 2