PT-2026-53861 · Suse · Rancher

Published

2026-06-30

Updated

2026-06-30

CVE-2026-44946

CVSS v4.0

9.5

Critical

Vector

AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H

A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service (ACS) handler did not enforce one-time use of SAML assertion, potentially allowing person in the middle attacks against Rancher, affecting Rancher 2.14.0 before 2.14.3,

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-294

Related Identifiers

CVE-2026-44946

Affected Products

Rancher

PT-2026-53861 · Suse · Rancher

CVE-2026-44946

Weakness Enumeration

Related Identifiers

Affected Products

References · 2