Question 1

What is CVE-2026-44939 — CVE-2026-44939?

Accepted Answer

A command injection vulnerability in the Rancher Manager cluster before 2.14.2 import endpoint /v3/import/{token}_{clusterId}.yaml through unsanitized YAML parameters could allow remote attackers to break out of an image, and execute e.g. malicious containers.

Question 2

What is the authoritative source for CVE-2026-44939?

Accepted Answer

CVE-2026-44939 (CVE-2026-44939) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVE-2026-44939CVE-2026-44939

Description

Scoring