CVE-2026-44947
MEDIUMStale PSA ClusterRoleBinding Persists After RoleTemplate Downgrade in Rancher
Title source: cnaExploitation Summary
EIP tracks 1 public exploit for CVE-2026-44947. PoCs published by HermesNA-1.
AI-analyzed exploit summary This repository contains an auto-generated stub module for CVE-2026-44947, a missing clean-up vulnerability in Rancher's legacy Project Role Template Binding (PRTB) reconciler. The code includes placeholder methods (`check` and `run`) but lacks actual exploit implementation or technical details about the vulnerability mechanics.
Description
A missing clean-up in the legacy Project Role Template Binding (PRTB) reconciler in Rancher versions 2.13.0 up to 2.13.7 and 2.14.0 up to 2.14.3 allowed users to retain unauthorized Pod Security Admission (PSA) permissions after an administrator removes those permissions from a RoleTemplate.
Exploits (1)
This repository contains an auto-generated stub module for CVE-2026-44947, a missing clean-up vulnerability in Rancher's legacy Project Role Template Binding (PRTB) reconciler. The code includes placeholder methods (`check` and `run`) but lacks actual exploit implementation or technical details about the vulnerability mechanics.
References (1)
Scores
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X