SUSE Rancher AI Agent 1.0 Before 1.0.2: DEBUG Log Disclosure of API Keys
CVE-2026-44934 Published on July 6, 2026
Exposed tokens in SUSE Rancher AI Agent logs
A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials.
Weakness Type
Insertion of Sensitive Information Into Debugging Code
The application inserts sensitive information into debugging code, which could expose this information if the debugging code is not disabled in production. When debugging, it may be necessary to report detailed information to the programmer. However, if the debugging code is not disabled when the application is operating in a production environment, then this sensitive information may be exposed to attackers.
Products Associated with CVE-2026-44934
Want to know whenever a new CVE is published for Suse Rancher? stack.watch will email you.
Affected Versions
SUSE Rancher:- Version 1.0.0 and below 1.0.2 is affected.