Home

Description

A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials.

PUBLISHED Reserved 2026-05-08 | Published 2026-07-06 | Updated 2026-07-06 | Assigner suse




HIGH: 7.0CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H

Problem types

CWE-215 Insertion of sensitive information into debugging code

Product status

Default status
unaffected

1.0.0 (semver) before 1.0.2
affected

References

github.com/...-agent/security/advisories/GHSA-5r2r-h824-fr5v vendor-advisory

cve.org (CVE-2026-44934)

nvd.nist.gov (CVE-2026-44934)

Download JSON