Rancher Fleet has Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components in github.com/rancher/fleet
{ "url": "https://pkg.go.dev/vuln/GO-2026-5874", "review_status": "UNREVIEWED" }
"https://vuln.go.dev/ID/GO-2026-5874.json"