CVE-2026-44934

HIGH

Exposed tokens in SUSE Rancher AI Agent logs

Title source: cna
STIX 2.1

Description

A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials.

References (1)

Core 1

Scores

CVSS v4 7.0
EPSS 0.0012
EPSS Percentile 2.1%
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-215
Status published
Products (1)
SUSE/Rancher 1.0.0 - 1.0.2
Published Jul 06, 2026
Tracked Since Jul 06, 2026