CVE-2026-44934
Received
Received - Intake
Information Disclosure in SUSE Rancher AI Agent
Vulnerability report for CVE-2026-44934, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-07-06
Last updated on: 2026-07-06
Assigner: SUSE
Description
Description
A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| suse | rancher_ai_agent | From 1.0.0 (inc) to 1.0.1 (inc) |
| suse | rancher_ai_agent | 1.0.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-215 | The product inserts sensitive information into debugging code, which could expose this information if the debugging code is not disabled in production. |