CVE-2026-44934: A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM
Summary
When DEBUG loglevel (a setting that outputs detailed program information for troubleshooting) is enabled in SUSE Rancher AI Agent versions before 1.0.2, sensitive data like API keys (credentials for accessing external services) and LLM response text can be written to logfiles where local attackers (people with access to the same computer) could find and misuse them. This is rated as HIGH severity with a CVSS score (a 0-10 rating of how severe a vulnerability is) of 7.0.
Solution / Mitigation
Update SUSE Rancher AI Agent to version 1.0.2 or later.
Vulnerability Details
EPSS: 0.0%
July 6, 2026
Classification
Taxonomy References
Affected Vendors
Related Issues
GHSA-382c-vx95-w3p5: Gittensory: Missing contributor-scoped access control on profile endpoint and MCP tool leaks miner financial data
CVE-2026-2589: The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-44934
First tracked: July 6, 2026 at 08:07 AM
Classified by LLM (prompt v3) · confidence: 92%