suse
1,226 tracked vulnerabilities.
CVE-2026-44938
HIGH
Fleet has PSS Bypass through addLabelsFromOptions in Fleet Agent
Jul 07, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-44937
HIGH
SUSE Rancher Fleet had an Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components
Jul 06, 2026
CVSS 8.2
EPSS 0.01
CVE-2026-44936
MEDIUM
Rancher Fleet SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml
Jul 06, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-44934
HIGH
Exposed tokens in SUSE Rancher AI Agent logs
Jul 06, 2026
EPSS 0.00
CVE-2026-44935
CRITICAL
Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer
Jul 02, 2026
CVSS 9.9
EPSS 0.01
CVE-2026-44941
HIGH
libzypp path traversal via "keyhint" in repomd.xml
Jul 02, 2026
CVSS 8.4
EPSS 0.01
CVE-2026-44948
MEDIUM
Path Traversal in Rancher Fleet ImageScan GitRepo Path Handler
Jun 30, 2026
EPSS 0.00
CVE-2026-44949
HIGH
Unauthenticated namespace creation and RBAC injection via rancher-webhook FleetWorkspace mutating webhook
Jun 30, 2026
EPSS 0.00
CVE-2026-44947
MEDIUM
Stale PSA ClusterRoleBinding Persists After RoleTemplate Downgrade in Rancher
Jun 30, 2026
EPSS 0.00
CVE-2026-44946
HIGH
SAML Authentication Replay in Rancher
Jun 30, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-41053
HIGH
Over-inclusive team membership expansion in GitHub App authentication provider for Rancher
Jun 30, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-41052
HIGH
Rancher Privilege Escalation from Project Owner to Host
Jun 29, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-25707
HIGH
Handcrafted repo metadata may cause arbitrary local files to be overwritten by libzypp
Jun 29, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-44939
CRITICAL
Command injection through unsanitized YAML parameter in Rancher
Jun 19, 2026
EPSS 0.01
CVE-2026-44942
MEDIUM
libzypp .repo files can have an optional path which can lead to path traversal attacks
Jun 18, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-44932
HIGH
indirect remote shell command injection via unsanitized DHCP options in wicked
Jun 16, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-44543
HIGH
Local Path Provisioner: HelperPod Template Injection
May 28, 2026
CVSS 8.7
EPSS 0.00
CVE-2026-44933
HIGH
SUSE Linux Enterprise 17.38.8 - Path Traversal via PluginScript Chroot Bypass
May 20, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-41054
HIGH
Missing exit out of permission check in haveged could lead to root exploit
May 20, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-41051
MEDIUM
csync2 uses insecure temporary directories when compiled with C99 or later
May 13, 2026
CVSS 5.0
EPSS 0.00
CVE-2026-41050
CRITICAL
Helm impersonation bypass of `RESTClientGetter` retains `cluster-admin` during template rendering
May 13, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-25705
HIGH
Rancher Extensions have arbitrary file access via path traversal
May 13, 2026
CVSS 8.4
EPSS 0.00
CVE-2026-31431
HIGH
KEVNUCLEI
crypto: algif_aead - Revert to operating out-of-place
Apr 22, 2026
CVSS 7.8
EPSS 0.96
CVE-2026-25702
HIGH
SUSE Linux Enterprise Server 12 SP5 - Auth Bypass
Mar 05, 2026
CVSS 7.3
EPSS 0.00
CVE-2025-71261
HIGH
Harvester's SUSE Virtualization Registration Client Vulnerable to MITM and DOS
Jun 16, 2026
CVSS 8.6
EPSS 0.00
Products
linux_enterprise_server 474
linux_enterprise_desktop 461
linux_enterprise_software_development_kit 296
suse_linux 208
suse_linux_enterprise_server 129
linux_enterprise_workstation_extension 105
linux_enterprise 97
suse_linux_enterprise_desktop 81
linux_enterprise_real_time_extension 58
linux_enterprise_debuginfo 54
rancher 53
package_hub 39
suse_linux_enterprise_software_development_kit 35
openstack_cloud 33
linux_enterprise_high_availability_extension 28
manager 22
studio_onsite 22
linux_enterprise_sdk 19
manager_proxy 19
suse_linux_workstation_extension 17
Rancher 15
linux_enterprise_point_of_sale 12
manager_server 12
linux_enterprise_high_performance_computing 9
openSUSE Tumbleweed 9
neuvector 8
SUSE Manager Server Module 4.3 7
caas_platform 7
linux_enterprise_real_time 7
linux_enterprise_server_for_sap 6
Quick Filters