Suse CVEs & Vulnerabilities

6 CVEs affecting Suse products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

rancher 4linux enterprise server 1rancher backup and restore operator 1
CVE-2026-44946HIGH

A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service (ACS) handler did not enforce one-time use of SAML assertion, potentially allowing person in the middle attacks against Rancher, affecting Rancher 2.14.0 before 2.14.3,

30 Jun 2026
7.4
CVSS
CVE-2026-41053HIGH

Incorrect authentication caching in the team member ship expansion of the Rancher Github authentication provider caused it granting principal access to any logged in user, in 2.13 before 2.13.6 and 2.14 before 2.14.2.

30 Jun 2026
8.8
CVSS
CVE-2026-41052HIGH

Improper privilege handling could be used by users with Project Owner role to escalate privileges, in Rancher versions 2.14 before 2.14.2, 2.13 before 2.13.6, and 2.12 before 2.12.10.

29 Jun 2026
8.8
CVSS
CVE-2026-25702CRITICAL

A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before 9c294edb7085fb91650bc12233495a8974c5ff2d.

5 Mar 2026
9.8
CVSS
CVE-2025-62879MEDIUM

A vulnerability has been identified within the Rancher Backup Operator, resulting in the leakage of S3 tokens (both accessKey and secretKey) into the rancher-backup-operator pod's logs.

4 Mar 2026
4.9
CVSS
CVE-2025-67601MEDIUM

A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the –cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher’s setting cacerts.

25 Feb 2026
4.8
CVSS
← PrevPage 1 / 1Next →