Lucene search
K

Rancher vulnerable to command injection through unsanitized YAML parameter

🗓️ 01 Jul 2026 20:44:33Reported by GitHub Advisory DatabaseType 
github
 github
🔗 github.com👁 4 Views

Rancher YAML import authImage unsanitized leads to DaemonSet on control-plane.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2026-44939
19 Jun 202612:13
attackerkb
Circl
CVE-2026-44939
4 Jun 202602:26
circl
CVE
CVE-2026-44939
19 Jun 202612:13
cve
Cvelist
CVE-2026-44939 Command injection through unsanitized YAML parameter in Rancher
19 Jun 202612:13
cvelist
EUVD
EUVD-2026-38009
1 Jul 202620:44
euvd
NVD
CVE-2026-44939
19 Jun 202613:16
nvd
OSV
GHSA-MHC6-2GFQ-XX62 Rancher vulnerable to command injection through unsanitized YAML parameter
1 Jul 202620:44
osv
Positive Technologies
PT-2026-50872
19 Jun 202600:00
ptsecurity
Snyk
Eval Injection
19 Jun 202614:11
snyk
SUSE CVE
SUSE CVE-2026-44939
29 May 202601:20
susecve
Rows per page
Vulners
Node
rancherrancherRange<0.0.0-20260617231817-2aa77eb283e7go
OR
rancherrancherRange2.10.02.10.12go
OR
rancherrancherRange2.11.02.11.14go
OR
rancherrancherRange2.12.02.12.10go
OR
rancherrancherRange2.13.02.13.6go
OR
rancherrancherRange2.14.02.14.2go

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation