SUSE Rancher AI Agent 1.0 Before 1.0.2: DEBUG Log Disclosure of API Keys
CVE-2026-44934 Published on July 6, 2026

Exposed tokens in SUSE Rancher AI Agent logs
A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials.

Vendor Advisory NVD

Weakness Type

Insertion of Sensitive Information Into Debugging Code

The application inserts sensitive information into debugging code, which could expose this information if the debugging code is not disabled in production. When debugging, it may be necessary to report detailed information to the programmer. However, if the debugging code is not disabled when the application is operating in a production environment, then this sensitive information may be exposed to attackers.


Products Associated with CVE-2026-44934

Want to know whenever a new CVE is published for Suse Rancher? stack.watch will email you.

 

Affected Versions

SUSE Rancher: