Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/28 4:41 p.m.9 views

CVE-2026-44543

Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by...

8.7CVSS5.8AI score0.00368EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/13 8:0 a.m.38 views

CVE-2026-25705 Rancher Extensions have arbitrary file access via path traversal

A vulnerability has been identified in Rancher's Extensions where malicious code can be injected in Rancher through a path traversal in the compressedEndpoint field inside a UIPlugin deployment. A malicious UI extension could abuse that to: Overwrite Rancher binaries or configuration to inject...

8.4CVSS0.00368EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/13 8:0 a.m.5 views

CVE-2026-25705

A vulnerability has been identified in Rancher's Extensions where malicious code can be injected in Rancher through a path traversal in the compressedEndpoint field inside a UIPlugin deployment. A malicious UI extension could abuse that to: Overwrite Rancher binaries or configuration to inject...

8.4CVSS5.7AI score0.00368EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/13 8:0 a.m.9 views

CVE-2026-25705 Rancher Extensions have arbitrary file access via path traversal

A vulnerability has been identified in Rancher's Extensions where malicious code can be injected in Rancher through a path traversal in the compressedEndpoint field inside a UIPlugin deployment. A malicious UI extension could abuse that to: Overwrite Rancher binaries or configuration to inject...

8.4CVSS5.7AI score0.00368EPSS
Exploits0References2
Rows per page
Query Builder