SUSE: Critical Vulnerability in Rancher Fleet Enables Full Cluster-Admin Privileges

Critical Rancher Fleet Vulnerability (CVE-2026-41050) Exposes Kubernetes Clusters to Privilege Escalation

The SUSE Rancher Security team has disclosed a critical vulnerability, CVE-2026-41050, affecting Rancher Fleet, a widely used GitOps tool for managing Kubernetes clusters. The flaw completely breaks multi-tenant isolation, allowing attackers to bypass security boundaries and extract sensitive data, including admin credentials.

Vulnerability Details

The issue stems from Fleet’s Helm deployer failing to enforce ServiceAccount impersonation, enabling two attack vectors:

  1. Helm Lookup Exploitation – Malicious Helm charts that call the lookup template function execute with the fleet-agent's privileges instead of the restricted tenant permissions, allowing attackers to harvest secrets from any namespace.
  2. fleet.yaml Misconfiguration – The valuesFrom directive in fleet.yaml reads secrets with cluster-admin privileges, so unauthorized cross-namespace reads appear as legitimate operations.

Attackers with basic git push access to a monitored repository can deploy malicious charts to extract admin tokens, enabling full cluster-admin access or lateral movement into corporate infrastructure (e.g., AWS IAM roles).

Affected Versions

  • Rancher Fleet: Versions before 0.11.13, 0.12.14, 0.13.10, and 0.14.5.
  • Rancher:
    • 2.10.11 and older (requires manual Fleet upgrade).
    • 2.11.x, 2.12.x, 2.13.x (patched in 2.11.13, 2.12.9, 2.13.5).
    • 2.14.0 (patched in 2.14.1).

Impact & Mitigation

The vulnerability poses a severe risk to shared DevOps and Kubernetes-as-a-Service environments. While patching is the definitive fix, security teams are advised to:

  • Disable Fleet-monitored repositories for untrusted tenants.
  • Audit Git repositories for malicious Helm charts using lookup or cross-namespace valuesFrom.
  • Rotate exposed secrets (e.g., kube-system namespace) if unauthorized access is detected.
  • Enable strict Kubernetes API audit logging to monitor future secret reads.
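One way to carry out the repository audit recommended above, added here as an example and not SUSE's, Rancher's or Fleet's own code: a small Python script that walks a checked-out Fleet repository and flags (a) Helm template lines that call the lookup function and (b) fleet.yaml valuesFrom entries that point at a Secret or ConfigMap in a namespace other than the bundle's own target namespace. It assumes the block-style helm.valuesFrom layout from the Fleet documentation (secretKeyRef/configMapKeyRef entries carrying name, namespace and key), takes the bundle's target namespace from defaultNamespace with "default" as the assumed fallback, and embeds a constructed sample bundle so it runs offline; the function and regex names are the example's own.

```python
from __future__ import annotations

import re
import tempfile
from collections import namedtuple
from pathlib import Path

# Any template action invoking Helm's `lookup`; comment text matches too (flag, then triage).
LOOKUP_RE = re.compile(r"\{\{[^}]*\blookup\b")
# Block-style helm.valuesFrom entries in the layout Fleet documents for fleet.yaml (assumed).
REF_START_RE = re.compile(r"(?:-\s*)?(secretKeyRef|configMapKeyRef):\s*$")
REF_FIELD_RE = re.compile(r"(name|namespace|key):\s*(\S+)")
DEFAULT_NS_RE = re.compile(r"defaultNamespace:\s*(\S+)")

# kind is "helm-lookup" or "cross-namespace-valuesFrom"; path is relative to the repo root
Finding = namedtuple("Finding", "kind path line detail")


def parse_fleet_yaml(text: str) -> tuple[str, list[dict]]:
    """Return (bundle target namespace, valuesFrom ref blocks). Narrow on purpose, not a YAML parser."""
    target_ns = "default"  # assumed Fleet fallback when defaultNamespace is unset
    refs: list[dict] = []
    current: dict | None = None
    for lineno, raw in enumerate(text.splitlines(), 1):
        stripped = raw.strip()
        if not stripped or stripped.startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        if indent == 0 and (m := DEFAULT_NS_RE.match(stripped)):
            target_ns = m.group(1).strip("\"'")
        elif m := REF_START_RE.match(stripped):
            current = {"kind": m.group(1), "line": lineno, "indent": indent,
                       "name": None, "namespace": None, "key": None}
            refs.append(current)
        elif current is not None and indent > current["indent"]:
            if m := REF_FIELD_RE.match(stripped):
                current[m.group(1)] = m.group(2).strip("\"'")
        else:
            current = None  # dedented out of the ref block
    return target_ns, refs


def scan_fleet_yaml(rel_path: str, text: str) -> list[Finding]:
    """Flag every valuesFrom ref whose namespace differs from the bundle's target namespace."""
    target_ns, refs = parse_fleet_yaml(text)
    return [Finding("cross-namespace-valuesFrom", rel_path, r["line"],
                    f'{r["kind"]} {r["namespace"]}/{r["name"]} (bundle targets {target_ns})')
            for r in refs if r["namespace"] and r["namespace"] != target_ns]


def scan_template(rel_path: str, text: str) -> list[Finding]:
    """Flag every Helm template line that invokes `lookup`."""
    return [Finding("helm-lookup", rel_path, n, line.strip())
            for n, line in enumerate(text.splitlines(), 1) if LOOKUP_RE.search(line)]


def audit_repo(root: Path) -> list[Finding]:
    """Walk a checked-out repository and collect both kinds of findings."""
    findings: list[Finding] = []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root)
        if path.name == "fleet.yaml":
            findings += scan_fleet_yaml(str(rel), path.read_text())
        elif "templates" in rel.parts:  # a Helm chart's templates directory
            findings += scan_template(str(rel), path.read_text(errors="replace"))
    return findings


# Constructed sample bundle (not from any real incident): the configMapKeyRef stays in the
# bundle's namespace, the secretKeyRef reaches into kube-system, and one template calls lookup.
SAMPLE_FLEET_YAML = """\
defaultNamespace: tenant-a
helm:
  valuesFrom:
  - configMapKeyRef:
      name: chart-values
      namespace: tenant-a
      key: values.yaml
  - secretKeyRef:
      name: bootstrap-values
      namespace: kube-system
      key: values.yaml
"""
SAMPLE_LOOKUP_TEMPLATE = """\
apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ .Release.Name }}-settings
data:
  {{- $cfg := lookup "v1" "Secret" "kube-system" "cluster-settings" }}
"""


def run_demo() -> list[Finding]:
    """Write the constructed bundle to a temp dir and audit it (yields two findings)."""
    root = Path(tempfile.mkdtemp(prefix="fleet-audit-"))
    templates = root / "bundles" / "app" / "chart" / "templates"
    templates.mkdir(parents=True)
    (root / "bundles" / "app" / "fleet.yaml").write_text(SAMPLE_FLEET_YAML)
    (templates / "configmap.yaml").write_text(SAMPLE_LOOKUP_TEMPLATE)
    return audit_repo(root)


if __name__ == "__main__":
    print(*run_demo(), sep="\n")
```

Treat the output as a review queue rather than a verdict: lookup has legitimate uses in charts, and the cross-namespace rule should be narrowed to the namespaces each tenant is actually allowed to read. Point audit_repo at the checkout of each monitored repository; any finding that touches kube-system is a candidate for the secret rotation step listed above.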

The flaw was analyzed by Lyrie Threat Intelligence, which warned that the Helm deployer could effectively function as a secret-harvesting tool in compromised environments.

Source: https://gbhackers.com/critical-vulnerability-in-rancher-fleet/

SUSE TPRM report: https://www.rankiteo.com/company/suse

{
  "id": "sus1778235983",
  "linkid": "suse",
  "type": "Vulnerability",
  "date": "5/2026",
  "severity": "100",
  "impact": "5",
  "explanation": "Attack threatening the organization's existence"
}

{
  "affected_entities": [
    {
      "customers_affected": "Users of Rancher Fleet and Rancher-managed Kubernetes clusters",
      "industry": "Technology/Cloud Infrastructure",
      "name": "SUSE Rancher",
      "type": "Software Vendor"
    }
  ],
  "attack_vector": "Malicious Helm charts via git push access",
  "data_breach": {
    "data_exfiltration": "Possible via malicious Helm charts",
    "personally_identifiable_information": "Possible (admin credentials, secrets)",
    "sensitivity_of_data": "High (admin tokens, PII, corporate infrastructure access)",
    "type_of_data_compromised": "Admin credentials, sensitive secrets"
  },
  "description": "The SUSE Rancher Security team disclosed a critical vulnerability, CVE-2026-41050, affecting Rancher Fleet, a GitOps tool for managing Kubernetes clusters. The flaw breaks multi-tenant isolation, allowing attackers to bypass security boundaries and extract sensitive data, including admin credentials. The vulnerability stems from Fleet’s Helm deployer failing to enforce ServiceAccount impersonation, enabling two attack vectors: Helm Lookup Exploitation and fleet.yaml Misconfiguration. Attackers with git push access can deploy malicious charts to extract admin tokens, gaining full cluster-admin access or lateral movement into corporate infrastructure.",
  "impact": {
    "data_compromised": "Admin credentials, sensitive secrets (e.g., kube-system namespace)",
    "identity_theft_risk": "High (exposure of admin credentials and PII)",
    "operational_impact": "Full cluster-admin access, lateral movement into corporate infrastructure (e.g., AWS IAM roles)",
    "systems_affected": "Kubernetes clusters managed by Rancher Fleet"
  },
  "initial_access_broker": {
    "entry_point": "Git push access to monitored repositories",
    "high_value_targets": "Admin credentials, Kubernetes secrets"
  },
  "lessons_learned": "Multi-tenant isolation in GitOps tools must enforce strict ServiceAccount impersonation to prevent privilege escalation. Helm deployers should be audited for secret-harvesting capabilities.",
  "post_incident_analysis": {
    "corrective_actions": [
      "Enforce strict ServiceAccount impersonation in Helm deployers",
      "Audit and restrict Helm chart functions (e.g., `lookup`, `valuesFrom`)",
      "Improve multi-tenant isolation in GitOps tools"
    ],
    "root_causes": "Fleet’s Helm deployer failing to enforce ServiceAccount impersonation, allowing privilege escalation via Helm Lookup Exploitation and fleet.yaml Misconfiguration"
  },
  "recommendations": [
    "Patch affected Rancher Fleet and Rancher versions immediately",
    "Disable untrusted tenant repositories in Fleet",
    "Audit Git repositories for malicious Helm charts",
    "Rotate exposed secrets and enable API audit logging",
    "Monitor for unauthorized secret reads or cluster-admin activity"
  ],
  "references": [
    {"source": "SUSE Rancher Security Team"},
    {"source": "Lyrie Threat Intelligence"}
  ],
  "response": {
    "containment_measures": [
      "Disable Fleet-monitored repositories for untrusted tenants",
      "Audit Git repositories for malicious Helm charts using `lookup` or cross-namespace `valuesFrom`"
    ],
    "enhanced_monitoring": "Enable strict Kubernetes API audit logging",
    "recovery_measures": [
      "Rotate exposed secrets (e.g., kube-system namespace)",
      "Enable strict Kubernetes API audit logging"
    ],
    "remediation_measures": [
      "Patch Rancher Fleet to versions 0.11.13, 0.12.14, 0.13.10, or 0.14.5",
      "Patch Rancher to versions 2.11.13, 2.12.9, 2.13.5, or 2.14.1"
    ]
  },
  "title": "Critical Rancher Fleet Vulnerability (CVE-2026-41050) Exposes Kubernetes Clusters to Privilege Escalation",
  "type": "Privilege Escalation",
  "vulnerability_exploited": "CVE-2026-41050"
}