Github.com/rancher/rancher

This hub aggregates every CVE we track for Github.com/rancher/rancher, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Github.com/rancher/rancher.

• CVE-2025-67601Rancher CLI skips TLS verification on Rancher CLI login command8.3Feb 25, 2026
• CVE-2024-58269Rancher exposes sensitive information through audit logs4.3Oct 29, 2025
• CVE-2023-32199Rancher user retains access to clusters despite Global Role removal4.3Oct 29, 2025
• CVE-2024-58260Rancher update on users can deny the service to the admin7.6Oct 2, 2025
• CVE-2024-58267Rancher CLI SAML authentication is vulnerable to phishing attacks8.0Oct 2, 2025
• CVE-2025-54468Rancher sends sensitive information to external services through the `/meta/proxy` endpoint4.7Oct 2, 2025
• CVE-2024-58259Rancher affected by unauthenticated Denial of Service8.2Sep 2, 2025
• CVE-2023-32197Rancher's External RoleTemplates can lead to privilege escalation6.6Apr 16, 2025
• CVE-2024-22036Rancher Remote Code Execution via Cluster/Node Drivers9.1Apr 16, 2025
• CVE-2024-52281Stored Cross-site Scripting vulnerability in Rancher UI8.9Apr 16, 2025
• CVE-2024-52282Rancher Helm Applications may have sensitive values leaked6.2Apr 11, 2025
• CVE-2025-23387Rancher's SAML-based login via CLI can be denied by unauthenticated users5.3Apr 11, 2025
• CVE-2025-23388Unauthenticated stack overflow in /v3-public/authproviders API8.2Apr 11, 2025
• CVE-2025-23389Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login8.4Apr 11, 2025
• CVE-2025-23391Rancher: Restricted Administrator can change Administrator's passwords9.1Apr 11, 2025