PT-2026-55887 · Suse · Rancher Ai Agent
Published
2026-07-06
·
Updated
2026-07-06
·
CVE-2026-44934
CVSS v4.0
7.0
High
| Vector | AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
SUSE Rancher AI Agent versions 1.0 through 1.0.1
Description
An information disclosure occurs when the
DEBUG loglevel is enabled. This configuration can cause API keys or Large Language Model (LLM) response text containing sensitive data to be leaked into logfiles, which local attackers could then misuse to obtain credentials or sensitive information.Recommendations
Update SUSE Rancher AI Agent to version 1.0.2.
Disable the
DEBUG loglevel to prevent sensitive data from being written to logs.Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Rancher Ai Agent