CVE-2026-44934
SUSE · Rancher AI Agent
SUSE Rancher AI Agent inadvertently exposes sensitive information in logs when the debug log level is enabled.
Executive summary
A high-severity information disclosure vulnerability in SUSE Rancher AI Agent allows privileged users to access sensitive data when debug logging is active.
Vulnerability
This issue stems from the insertion of sensitive information into debugging code (CWE-215). It requires a privileged user (High level) to have already configured the system to a DEBUG log level, at which point sensitive data is logged in plain text.
Business impact
With a CVSS score of 7.0, this vulnerability presents a risk of unauthorized data exposure. If logs are stored in insecure locations or accessible to unauthorized personnel, sensitive information could be compromised, potentially leading to further system exploitation or identity theft.
Remediation
Immediate Action: Upgrade to version 1.0.2 or later, or disable DEBUG log levels immediately if an upgrade is not immediately feasible.
Proactive Monitoring: Audit existing log files for exposed sensitive data and restrict access to log storage locations to authorized personnel only.
Compensating Controls: Ensure that log management systems are encrypted at rest and that log access is strictly controlled via Role-Based Access Control (RBAC).
Exploitation status
Public Exploit Available: false
Analyst recommendation
Organizations utilizing the SUSE Rancher AI Agent must treat this as a priority update. Immediate transition to the patched version is required to prevent inadvertent exposure of sensitive data through system logs.