CVE-2026-44934

Source
https://cve.org/CVERecord?id=CVE-2026-44934
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-44934.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-44934
Aliases
  • GHSA-5r2r-h824-fr5v
Published
2026-07-06T08:45:26.864Z
Modified
2026-07-08T08:13:45.241676430Z
Severity
  • 7.0 (High) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H CVSS Calculator
Summary
Exposed tokens in SUSE Rancher AI Agent logs
Details

A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/44xxx/CVE-2026-44934.json",
    "cna_assigner": "suse",
    "cwe_ids": [
        "CWE-215"
    ]
}
References

Affected packages

Git / github.com/rancher/rancher-ai-agent

Affected ranges

Type
GIT
Repo
https://github.com/rancher/rancher-ai-agent
Events
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "DESCRIPTION"
    ],
    "extracted_events": [
        {
            "introduced": "1.0.0"
        },
        {
            "fixed": "1.0.2"
        },
        {
            "introduced": "1.0"
        }
    ]
}

Affected versions

v1.*
v1.0.0
v1.0.1-rc.1
v1.0.2-rc.1
v1.0.2-rc.2
v1.0.2-rc.3
v1.1.0-alpha.1
v1.1.0-alpha.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-44934.json"