{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-41050", "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "state": "PUBLISHED", "assignerShortName": "suse", "dateReserved": "2026-04-16T13:37:50.679Z", "datePublished": "2026-05-13T08:04:57.293Z", "dateUpdated": "2026-05-13T08:05:26.978Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse", "dateUpdated": "2026-05-13T08:05:26.978Z"}, "title": "Helm impersonation bypass of `RESTClientGetter` retains `cluster-admin` during template rendering", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "type": "CWE"}]}], "affected": [{"vendor": "SUSE", "product": "Rancher", "packageName": "github.com/rancher/fleet", "versions": [{"status": "affected", "version": "0.15.0", "lessThan": "0.15.1", "versionType": "semver"}, {"status": "affected", "version": "0.14.0", "lessThan": "0.14.5", "versionType": "semver"}, {"status": "affected", "version": "0.13.0", "lessThan": "0.13.10", "versionType": "semver"}, {"status": "affected", "version": "0.12.0", "lessThan": "0.12.14", "versionType": "semver"}, {"status": "affected", "version": "0.11.0", "lessThan": "0.11.13", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their `GitRepo`.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their `GitRepo`."}]}], "references": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2026-41050"}, {"url": "https://github.com/advisories/GHSA-765j-qfrp-hm3j"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "CRITICAL", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}}], "credits": [{"lang": "en", "value": "https://github.com/kodareef5", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{}

{}

{}

{}