{"vulnerability": "cve-2026-4493", "sightings": [{"uuid": "2f07edf9-06fb-449b-a97f-196d870550e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4493", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhjkczsobw2o", "content": "", "creation_timestamp": "2026-03-20T22:18:54.033445Z"}, {"uuid": "f84825f2-ce36-4ba0-bc5f-0e80654c49e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44933", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmbpv2jchj2p", "content": "CVE-2026-44933 - Path Traversal in Plugin Loading in libzypp\nCVE ID : CVE-2026-44933\n \n Published : May 20, 2026, 8:51 a.m. | 1\u00a0hour, 23\u00a0minutes ago\n \n Description : `PluginScript` attempts to `chroot` the plugin to the `repoManagerRoot`, this root is frequently `/` (the syste...", "creation_timestamp": "2026-05-20T10:43:08.143604Z"}, {"uuid": "e293656c-cce4-48b0-a874-b2d2540d1224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44930", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mmupsheol22m", "content": "Apache CXF\u306eXKMS LDAP\u30b5\u30fc\u30d3\u30b9\u306bLDAP\u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u304c\u53ef\u80fd\u306b\u306a\u308b\u8106\u5f31\u6027 CVE-2026-44930\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews", "creation_timestamp": "2026-05-28T00:02:18.545781Z"}, {"uuid": "b98b5c7e-eddb-4219-8f66-be945d25a451", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44930", "type": "seen", "source": "https://t.me/bdufstecru/3204", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441\u0430 XKMS (XML Key Management Specification) \u043a\u0430\u0440\u043a\u0430\u0441\u0430 \u0434\u043b\u044f \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 Apache CXF \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432 \u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u0435 LDAP. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438\n\nBDU:2026-07399\nCVE-2026-44930\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://lists.apache.org/thread/c1zqxppo1m5z3kbdhjn5p991zk09ynkh", "creation_timestamp": "2026-05-29T13:10:09.000000Z"}, {"uuid": "37c0003e-3b19-4ae5-87d0-83c176873dc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44939", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3mngl44gers2h", "content": "Rancher Kubernetes\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u306b3\u4ef6\u306e\u91cd\u5927\u306a\u8106\u5f31\u6027(CVE-2026-44939,CVE-2026-41052,CVE-2026-41053)\n\nrocket-boys.co.jp/security-mea...\n\n#\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56Lab #security #securitynews", "creation_timestamp": "2026-06-04T02:26:12.204289Z"}, {"uuid": "1ab95da2-78fc-40d6-ac69-85331844b47e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44932", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mogeiujyy724", "content": "CVE-2026-44932 - indirect remote shell command injection via unsanitized DHCP options in wicked\nCVE ID : CVE-2026-44932\n \n Published : June 16, 2026, 3:26 p.m. | 1\u00a0hour, 42\u00a0minutes ago\n \n Description : Passing of unsanitized strings from DHCP replies into the wicked dhcp clien...", "creation_timestamp": "2026-06-16T17:53:09.638283Z"}, {"uuid": "bfb9fb03-bdb5-4410-acce-b3394196f830", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44932", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mogewtkvur2r", "content": "\ud83d\udfe0 CVE-2026-44932 - High (8.8)\n\nPassing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44932/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-16T18:00:59.402824Z"}, {"uuid": "0b066277-32ff-46fc-b9f6-97284c9846a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44939", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116777203438598649", "content": "The severity is increased for this new vulnerability affecting SUSE Rancher (CVE-2026-44939) https://vuldb.com/vuln/372349", "creation_timestamp": "2026-06-19T14:18:42.109101Z"}, {"uuid": "c3f1ae1f-5ccc-4013-9552-5a02208d7d18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44939", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3monrbpxeju2q", "content": "CVE-2026-44939 - Command injection through unsanitized YAML parameter in Rancher\nCVE ID : CVE-2026-44939\n \n Published : June 19, 2026, 12:13 p.m. | 1\u00a0hour, 29\u00a0minutes ago\n \n Description : A command injection vulnerability in the Rancher Manager cluster before 2.14.2 import end...", "creation_timestamp": "2026-06-19T16:30:26.675004Z"}, {"uuid": "74ade149-19c2-49be-bdc6-3b9771994264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44930", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3moqr7febxj2t", "content": "\ud83d\udccc CVE-2026-44930 - An LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow an attacker to retrieve arbitrary certif... https://www.cyberhub.blog/cves/CVE-2026-44930", "creation_timestamp": "2026-06-20T21:07:08.274708Z"}, {"uuid": "4e447f2a-8907-40ea-956e-31d03ccaee93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44930", "type": "seen", "source": "https://bsky.app/profile/securitycyberuk.bsky.social/post/3mottspams62p", "content": "\ud83d\udea8  ALERT: CVE-2026-44930\n\nCVSS 9.8/10\n\n\ud83d\udccb WHAT IT IS:\nAn LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow an attacker to retrieve arbitrary certificates from the repository.\u00a0\nUsers are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11,", "creation_timestamp": "2026-06-22T02:31:42.113338Z"}, {"uuid": "62e1bd33-1a18-4ef8-aaa7-6b4cc4702f80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44935", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mpomehucbl2t", "content": "\ud83d\udd34 CVE-2026-44935 - Critical (9.9)\n\nMissing validation of \"valuesFrom\" references in Helm Deployer of SUSE Rancher Fleet 0.15 before ...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-44935/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-02T18:00:22.737848Z"}, {"uuid": "62456a19-3e3f-4a98-8b14-934adaafef05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44935", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mporyehyhq2b", "content": "CVE-2026-44935 - Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer\nCVE ID : CVE-2026-44935\n \n Published : July 2, 2026, 4 p.m. | 3\u00a0hours, 13\u00a0minutes ago\n \n Description : Missing validation of \"valuesFrom\" ref...", "creation_timestamp": "2026-07-02T19:40:57.652751Z"}, {"uuid": "594d3746-cfa8-44ae-ad7b-52c51a83e362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44935", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpq5o4f2qk26", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-44935 \u0432 Helm Deployer SUSE Rancher: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/647C96F4-CDCC-44D6-AFD1-464E3A0D6B5D", "creation_timestamp": "2026-07-03T08:42:38.303627Z"}, {"uuid": "1f34ea97-633a-449e-8825-5479e72623d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44935", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpqacowpdj2b", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-44935 \u0432 SUSE Rancher: \u0440\u0438\u0441\u043a\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/07CED34B-6A47-41E5-8357-8C260CEC28B4", "creation_timestamp": "2026-07-03T09:29:56.355218Z"}, {"uuid": "42d7a82f-a47f-40c7-8fc0-6f6dc30db129", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44935", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mpqeal2g522f", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-44935 \u0432 Helm Deployer SUSE Rancher: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/0E01B8E5-1509-469C-96CD-670AA658633A", "creation_timestamp": "2026-07-03T10:40:20.287157Z"}, {"uuid": "e9e29949-822c-4fb0-9ac7-81d088e3c28f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44935", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mprdww7mfa2k", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-44935 \u0432 Helm Deployer SUSE Rancher: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/3834B446-CECC-42F8-83F0-ED3F79D696A3", "creation_timestamp": "2026-07-03T20:07:35.885945Z"}, {"uuid": "dc17e14a-022c-4f95-a5d1-2bcc3241915e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44935", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mprj7uclmn2z", "content": "CVE-2026-44935 - rancher\nFleet, a tool used in Rancher Manager, has a security flaw that allows unauthorized access to sensitive data in multi-tenant environments. This means that one tenant could access and\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#rancher #Golang #CVE #infosec", "creation_timestamp": "2026-07-03T21:42:04.767393Z"}, {"uuid": "cd85ad3d-e3e2-4653-92a6-56d5cc78fd61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44936", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpxzncxins2y", "content": "CVE-2026-44936 - Rancher Fleet SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml\nCVE ID : CVE-2026-44936\n \n Published : July 6, 2026, 11:16 a.m. | 31\u00a0minutes ago\n \n Description : Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo res...", "creation_timestamp": "2026-07-06T11:51:54.648561Z"}, {"uuid": "acd277f2-1bf7-4e8c-b4e7-a0a76cc773b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44937", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpy3l5tpj42s", "content": "CVE-2026-44937 - SUSE Rancher Fleet had an Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components\nCVE ID : CVE-2026-44937\n \n Published : July 6, 2026, 11:16 a.m. | 31\u00a0minutes ago\n \n Description : Potential forgery of webhook requests when using a un...", "creation_timestamp": "2026-07-06T12:26:29.643319Z"}, {"uuid": "16a79cba-d0d2-403f-b486-bfe2ff3262e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44935", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mpzjgkfo2f2n", "content": "\ud83d\udccc CVE-2026-44935 - Missing validation of \"valuesFrom\" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0... https://www.cyberhub.blog/cves/CVE-2026-44935", "creation_timestamp": "2026-07-07T02:07:07.357349Z"}, {"uuid": "f1a00087-7d73-4141-abaf-829936b4ed22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44938", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq2wp7phd52e", "content": "CVE-2026-44938 - Fleet has PSS Bypass through addLabelsFromOptions in Fleet Agent\nCVE ID : CVE-2026-44938\n \n Published : July 7, 2026, 2:16 p.m. | 58\u00a0minutes ago\n \n Description : A vulnerability has been identified in Fleet's agent-side deployer, which did not filter security-...", "creation_timestamp": "2026-07-07T15:37:16.414746Z"}, {"uuid": "80d1e8b7-48dd-4ce5-8f61-4d563ecd0f3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44934", "type": "seen", "source": "https://bsky.app/profile/qiancx.bsky.social/post/3mq6ov4q7ot2f", "content": "SUSE Rancher AI Agent 1.0 \u5b58\u5728\u4e25\u91cd\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e(CVE-2026-44934)\u8be6\u89e3\u4e0e\u5e94\u5bf9\u6307\u5357\n\n\n\nhttps://qian.cx/posts/7593BFA3-A1DA-4E44-8048-D4C1CCF672B7", "creation_timestamp": "2026-07-09T03:28:04.218892Z"}, {"uuid": "0141e436-e7f2-4536-a833-7574ac5525f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-44934", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mq6ov5pniv27", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-44934 \u0432 SUSE Rancher AI Agent: \u0443\u0433\u0440\u043e\u0437\u0430 \u0443\u0442\u0435\u0447\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 DEBUG\n\n\n\nhttps://kripta.biz/posts/47172777-F552-41F5-8456-90D110F5132A", "creation_timestamp": "2026-07-09T03:28:04.828040Z"}]}