CVE-2026-44934
Received Received - Intake

Information Disclosure in SUSE Rancher AI Agent

Vulnerability report for CVE-2026-44934, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-06

Last updated on: 2026-07-06

Assigner: SUSE

Description

A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-06
Last Modified
2026-07-06
Generated
2026-07-06
AI Q&A
2026-07-06
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
suse rancher_ai_agent From 1.0.0 (inc) to 1.0.1 (inc)
suse rancher_ai_agent 1.0.2

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-215 The product inserts sensitive information into debugging code, which could expose this information if the debugging code is not disabled in production.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-44934 is a sensitive information disclosure vulnerability in SUSE Rancher AI Agent versions 1.0.0 to 1.0.1 that occurs when the debug logging level is explicitly enabled.

When debug logging is set, sensitive data such as API keys for large language model (LLM) integrations and full Model Context Protocol (MCP) responses containing potentially sensitive information from integrated tools or external systems can be exposed in the debug log files.

This vulnerability allows local attackers with high privileges to access these logs and misuse the exposed credentials or sensitive data.

The issue is fixed in version 1.0.2 by improving log sanitization and suppressing debug logging for external libraries.

Impact Analysis

This vulnerability can lead to the exposure of sensitive information such as API keys and detailed response data from integrated systems.

An attacker with local access and high privileges could misuse the exposed credentials to gain unauthorized access to external services.

Additionally, sensitive information could be leaked through centralized logging systems, increasing the risk of data breaches.

Users are advised to avoid enabling DEBUG logging or to review and rotate any potentially exposed credentials if debug logs were generated.

Detection Guidance

This vulnerability can be detected by checking if the Rancher AI Agent is running a version between 1.0.0 and 1.0.1 and if the logging level is set to DEBUG.

To detect potential exposure, you can search the log files for sensitive data such as API keys or LLM response texts that might have been logged.

  • Check the Rancher AI Agent version: `rancher-ai-agent --version` or check the installed package version.
  • Check the logging level configuration in the Rancher AI Agent configuration files or environment variables to see if DEBUG logging is enabled.
  • Search log files for potential sensitive data exposure, for example using grep: `grep -iE 'api_key|token|secret' /var/log/rancher-ai-agent/*.log`
Mitigation Strategies

Immediate mitigation steps include avoiding enabling DEBUG logging in Rancher AI Agent versions 1.0.0 to 1.0.1.

If DEBUG logging has already been enabled, review existing log files for exposed sensitive data such as API keys or credentials.

Rotate or revoke any potentially exposed credentials to prevent misuse.

Upgrade the Rancher AI Agent to version 1.0.2 or later, where the vulnerability has been patched with improved log sanitization and suppression of debug logging for external libraries.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-44934. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart