NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-44939

Summary	A command injection vulnerability in the Rancher Manager cluster before 2.14.2 import endpoint /v3/import/{token}_{clusterId}.yaml through unsanitized YAML parameters could allow remote attackers to break out of an image, and execute e.g. malicious containers.
Publication Date	June 19, 2026, 10:16 p.m.
Registration Date	June 27, 2026, 4:04 a.m.
Last Update	June 24, 2026, 2:17 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/rancher/rancher/security/advisories/GHSA-mhc6-2gfq-xx62	meissner@suse.de

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-95	Evalインジェクション	https://cwe.mitre.org/data/definitions/95.html