Vulnerability Details CVE-2026-41053
Incorrect authentication caching in the team member ship expansion of the Rancher Github authentication provider caused it granting principal access to any logged in user, in 2.13 before 2.13.6 and 2.14 before 2.14.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 29.0%
CVSS Severity
CVSS v3 Score 8.8
Products affected by CVE-2026-41053
-
cpe:2.3:a:suse:rancher:2.13.0
-
cpe:2.3:a:suse:rancher:2.13.1
-
cpe:2.3:a:suse:rancher:2.13.2
-
cpe:2.3:a:suse:rancher:2.13.3
-
cpe:2.3:a:suse:rancher:2.13.4
-
cpe:2.3:a:suse:rancher:2.13.5
-
cpe:2.3:a:suse:rancher:2.14.0
-
cpe:2.3:a:suse:rancher:2.14.1