A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials.
History

Mon, 06 Jul 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Suse
Suse rancher
Vendors & Products Suse
Suse rancher

Mon, 06 Jul 2026 10:30:00 +0000

Type Values Removed Values Added
Title Exposed tokens in SUSE Rancher AI Agent logs

Mon, 06 Jul 2026 09:00:00 +0000

Type Values Removed Values Added
Description A information disclosure when DEBUG loglevel is set in SUSE Rancher AI Agent 1.0 before 1.0.2 could leak API keys or LLM response text with potential sensitive data into logfiles, allowing local attackers to misuse respective gained data or credentials.
Weaknesses CWE-215
References
Metrics cvssV4_0

{'score': 7, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: suse

Published:

Updated: 2026-07-06T08:53:57.978Z

Reserved: 2026-05-08T12:29:48.967Z

Link: CVE-2026-44934

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-06T10:30:15Z