CVE-2026-44949
Unauthenticated namespace creation and RBAC injection via rancher-webhook FleetWorkspace mutating webhook
Description
In rancher-webhook versions 0.7.0 up to 0.7.10, 0.8.0 up to 0.8.7, 0.9.0 up to 0.9.6 and 0.10.0 up to 0.10.7, the FleetWorkspace mutating admission handler performed side effects while processing an admission request: instead of only returning a patch for the API server to apply, it created Kubernetes objects itself. Because the handler acts on whatever admission payload reaches it, an unauthenticated attacker with network access to the in-cluster rancher-webhook service could submit a crafted AdmissionReview request and cause workspace-related Kubernetes objects (the namespace and RBAC objects named in the title) to be created with attacker-chosen identity data.
INFO
Published Date :
June 30, 2026, 2:41 p.m.
Last Modified :
June 30, 2026, 2:41 p.m.
Remotely Exploitable :
Yes
Source :
suse
CVSS Scores
| Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|---|
| | CVSS 4.0 | HIGH | | | | 404e59f5-483d-4b8a-8e7a-e67604dd8afb |
| | CVSS 4.0 | HIGH | | | | [email protected] |
Solution
- Update rancher-webhook to a release outside the affected version ranges listed in the description.
- Verify that the FleetWorkspace mutating handler no longer performs side effects: a mutating admission webhook should only return a patch for the API server to apply, never create objects itself from the contents of the admission payload.
- Restrict network access to the in-cluster rancher-webhook service so that only the kube-apiserver can reach it; otherwise any workload that can open a connection to the service can submit an admission payload directly, bypassing API server authentication.
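One way to implement the network restriction, as an added example that is not part of this advisory or of the Rancher project: a Kubernetes NetworkPolicy that allows ingress to the rancher-webhook pods only from the control-plane nodes. The namespace (`cattle-system`), the pod label (`app: rancher-webhook`), the listening port (9443) and the control-plane CIDR (`10.0.0.0/24`) are assumptions and must be checked against the actual deployment.

```yaml
# Added example, not part of the advisory or of rancher-webhook itself.
# Allows only the kube-apiserver (by control-plane node IP range) to reach the
# webhook; every other ingress to the selected pods is denied once this policy
# selects them, because policyTypes lists Ingress.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: rancher-webhook-apiserver-only
  namespace: cattle-system            # assumption: namespace rancher-webhook runs in
spec:
  podSelector:
    matchLabels:
      app: rancher-webhook            # assumption: label on the rancher-webhook pods
  policyTypes:
    - Ingress
  ingress:
    - from:
        # kube-apiserver normally runs on the host network of the control-plane
        # nodes (static pod or node process), so a podSelector/namespaceSelector
        # would not match it; admit it by node IP range instead.
        - ipBlock:
            cidr: 10.0.0.0/24         # assumption: control-plane node subnet
      ports:
        - protocol: TCP
          port: 9443                  # assumption: container port behind the Service
```

Before applying, confirm the selector, namespace and target port with `kubectl -n cattle-system get svc rancher-webhook -o yaml` and the pod labels with `kubectl -n cattle-system get pods --show-labels`; a mismatch either blocks the API server (breaking all admission for the resources the webhook covers) or leaves the policy matching nothing. The policy is only enforced if the cluster CNI implements NetworkPolicy, so verify afterwards from a pod in another namespace that a connection to the webhook service is refused while `kubectl` writes to FleetWorkspace resources still succeed.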