CVE-2026-41052 | HackTesting

Improper privilege handling could be used by users with Project Owner role to escalate privileges, in Rancher versions 2.14 before 2.14.2, 2.13 before 2.13.6, and 2.12 before 2.12.10.

Credits

Radtke Benedikt <Radtke@iabg.de> - github.com/Trolldemorted and Munier Marc <Munier@iabg.de> - github.com/mmunier

References

https://github.com/rancher/rancher/security/advisories/GHSA-vx8h-4prv-g744