Where
-Infinity
0

Trending

Last week
Last month
Last year

go/github.com/rancher/rancherRancher CLI skips TLS verification on Rancher CLI login command

Risk 71
Severity
8.4
First published (updated )
CVE-2025-67601

Rancher Labs Rancher 2.8Reached end of life

EOL
Jul 22, 2025
Support Ends
Sep 22, 2024
First published (updated )
latest-version-rancher-2.8

Rancher Labs Rancher 2.8Reached end of life

EOL
Jul 22, 2025
Support Ends
Sep 22, 2024
First published (updated )
EOL-rancher-2.8

Rancher Labs Rancher 2.7Reached end of life

EOL
Nov 18, 2024
Support Ends
May 15, 2024
First published (updated )
latest-version-rancher-2.7

Rancher Labs Rancher 2.7Reached end of life

EOL
Nov 18, 2024
Support Ends
May 15, 2024
First published (updated )
EOL-rancher-2.7
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

go/github.com/rancher/rancherRancher 'Audit Log' leaks sensitive information

Risk 72
Severity
8.4
First published (updated )
CVE-2023-22649

go/github.com/rancher/rancherIn Rancher 2.x before 2.6.13 and 2.7.x before 2.7.4, an incorrectly applied authorization check allo…

Risk 82
Severity
8.8
First published (updated )
CVE-2020-10676

go/github.com/rancher/rancherXSS

Risk 69
Severity
8.4
First published (updated )
CVE-2022-43760

go/github.com/rancher/rancherAn Improper Privilege Management vulnerability in SUSE Rancher allowed standard users to leverage th…

Risk 86
Severity
10
First published (updated )
CVE-2023-22647

SUSE rancherA Improper Privilege Management vulnerability in SUSE Rancher causes permission changes in Azure AD …

Risk 79
Severity
8.8
First published (updated )
CVE-2023-22648
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

go/github.com/rancher/rancherImproper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure i…

Risk 83
Severity
10
First published (updated )
CVE-2023-22651

SUSE wranglerRancher/Wrangler: Denial of service when processing Git credentials

Risk 43
Severity
7.5
First published (updated )
CVE-2022-43756

SUSE rancherRancher: Command injection in Git package

Risk 60
Severity
7.6
First published (updated )
CVE-2022-43758

SUSE rancherRancher: Non-random authentication token

Risk 86
Severity
9.8
First published (updated )
CVE-2022-43755

SUSE rancherRancher: Exposure of sensitive fields

Risk 82
Severity
9.9
First published (updated )
CVE-2022-43757
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

SUSE rancherAuthenticated user can gain unauthorized shell pod and kubectl access in the local cluster

Risk 79
Severity
8.8
First published (updated )
CVE-2022-21953

SUSE wrangler[RANCHER] OS command injection in Rancher and Fleet

Risk 86
Severity
9.8
First published (updated )
CVE-2022-31249

SUSE rancherRancher: Privilege escalation via promoted roles

Risk 79
Severity
8.8
First published (updated )
CVE-2022-43759

SUSE rancherRancher: Downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB)

Risk 72
Severity
9.1
First published (updated )
CVE-2022-31247

SUSE rancherRancher: Failure to properly sanitize credentials in cluster template answers

Risk 83
Severity
10
First published (updated )
CVE-2021-36783
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

SUSE rancherRancher: Plaintext storage and exposure of credentials in Rancher API and cluster.management.cattle.io object

Risk 82
Severity
9.9
First published (updated )
CVE-2021-36782

SUSE rancherRancher: Weave CNI password is not set if RKE template is used with CNI value overridden

Risk 52
Severity
6.8
First published (updated )
CVE-2022-21951

SUSE rancherWrite access to the Catalog for any user when restricted-admin role is enabled

Risk 34
Severity
5.5
First published (updated )
CVE-2021-4200

SUSE rancherPrivilege escalation for users with create/update permissions in Global Roles

Risk 66
Severity
7.2
First published (updated )
CVE-2021-36784

SUSE rancherExposure of repository credentials to external third-party sources

Risk 43
Severity
7.5
First published (updated )
CVE-2021-36778
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

go/github.com/rancher/rancherSteve API proxy impersonation

Risk 82
Severity
8.8
First published (updated )
CVE-2021-36776

Rancher Labs Rancher 2.6Reached end of life

EOL
Apr 30, 2024
Support Ends
Mar 1, 2023
First published (updated )
latest-version-rancher-2.6

Rancher Labs Rancher 2.6Reached end of life

EOL
Apr 30, 2024
Support Ends
Mar 1, 2023
First published (updated )
EOL-rancher-2.6

go/github.com/rancher/rancherRancher: Privilege escalation vulnerability via malicious Connection header

Risk 82
Severity
8.8
First published (updated )
CVE-2021-31999

go/github.com/rancher/rancherrancher: API group not properly specified when creating Kubernetes RBAC resources

Risk 82
Severity
8.8
First published (updated )
CVE-2021-25318
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203