Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

SUSE — Vulnerabilities & Security Advisories 207

Browse all 207 CVE security advisories affecting SUSE. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SUSE operates primarily as a provider of enterprise Linux distributions and cloud-native solutions, serving critical infrastructure in hybrid and multi-cloud environments. With 185 recorded CVEs, its vulnerability profile reflects the complexity of managing large-scale open-source codebases. Historically, common flaw classes include remote code execution (RCE), buffer overflows, and privilege escalation vulnerabilities, often stemming from misconfigurations or outdated dependencies within its core operating system components. Notable security characteristics involve its focus on container security and Kubernetes integration, which introduces attack surfaces related to orchestration layers. While no single catastrophic incident defines its history, the sheer volume of vulnerabilities highlights the ongoing challenge of maintaining security in widely deployed, long-term support releases. This necessitates rigorous patch management and continuous monitoring to mitigate risks associated with its extensive ecosystem of integrated services and third-party libraries.

CVE IDTitleCVSSSeverityPublished
CVE-2026-44938 Fleet has PSS Bypass through addLabelsFromOptions in Fleet Agent — RancherCWE-522 8.8 High2026-07-07
CVE-2026-44937 SUSE Rancher Fleet had an Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components — RancherCWE-918--2026-07-06
CVE-2026-44936 Rancher Fleet SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml — RancherCWE-918 5.0 Medium2026-07-06
CVE-2026-44934 Exposed tokens in SUSE Rancher AI Agent logs — RancherCWE-215--2026-07-06
CVE-2026-44935 Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer — RancherCWE-1287 9.9 Critical2026-07-02
CVE-2026-44941 libzypp path traversal via "keyhint" in repomd.xml — libzyppCWE-23 8.4 High2026-07-02
CVE-2026-44948 Path Traversal in Rancher Fleet ImageScan GitRepo Path Handler — RancherCWE-23--2026-06-30
CVE-2026-44949 Unauthenticated namespace creation and RBAC injection via rancher-webhook FleetWorkspace mutating webhook — RancherCWE-306--2026-06-30
CVE-2026-44947 Stale PSA ClusterRoleBinding Persists After RoleTemplate Downgrade in Rancher — RancherCWE-281--2026-06-30
CVE-2026-44946 SAML Authentication Replay in Rancher — RancherCWE-294--2026-06-30
CVE-2026-41053 Over-inclusive team membership expansion in GitHub App authentication provider for Rancher — RancherCWE-303 8.8 High2026-06-30
CVE-2026-41052 Rancher Privilege Escalation from Project Owner to Host — RancherCWE-305--2026-06-29
CVE-2026-25707 Handcrafted repo metadata may cause arbitrary local files to be overwritten by libzypp — libzyppCWE-23 8.8 High2026-06-29
CVE-2026-44939 Command injection through unsanitized YAML parameter in Rancher — RancherCWE-95--2026-06-19
CVE-2026-44942 libzypp .repo files can have an optional path which can lead to path traversal attacks — libzyppCWE-24 6.5 Medium2026-06-18
CVE-2025-71261 Harvester's SUSE Virtualization Registration Client Vulnerable to MITM and DOS — HarvesterCWE-295 8.6 High2026-06-16
CVE-2026-44932 indirect remote shell command injection via unsanitized DHCP options in wicked — wickedCWE-78 8.8 High2026-06-16
CVE-2026-41054 Missing exit out of permission check in haveged could lead to root exploit — Container suse/sle-micro-rancher/5.3:latestCWE-305 7.8 High2026-05-20
CVE-2026-44933 Path Traversal in Plugin Loading in libzypp — SUSE Linux EnterpriseCWE-35 7.8 High2026-05-20
CVE-2026-41051 csync2 uses insecure temporary directories when compiled with C99 or later — openSUSE Tumbleweed 5.0 Medium2026-05-13
CVE-2026-41050 Helm impersonation bypass of `RESTClientGetter` retains `cluster-admin` during template rendering — RancherCWE-863 9.9 Critical2026-05-13
CVE-2026-25705 Rancher Extensions have arbitrary file access via path traversal — rancherCWE-35 8.4 High2026-05-13
CVE-2026-25702 nftables disabled due to incorrect kernel backport — SUSE Linux Enterprise ServerCWE-284 7.3 High2026-03-05
CVE-2025-62879 Rancher Backup Operator pod's logs leak S3 tokens — RancherCWE-532 6.8 Medium2026-03-04
CVE-2025-62878 Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern — RancherCWE-23 9.9 Critical2026-02-25
CVE-2025-67601 Rancher CLI skips TLS verification on Rancher CLI login command — rancherCWE-295 8.3 High2026-02-25
CVE-2025-67860 NeuVector scanner insecurely handles passwords as command arguments — harvesterCWE-522 3.8 Low2026-02-25
CVE-2025-62877 Harvest may expose OS default ssh login password via SUSE Virtualization Interactive Installer — harvesterCWE-1188 9.8 Critical2026-01-08
CVE-2025-66001 NeuVector OpenID Connect is vulnerable to man-in-the-middle (MITM) — neuvectorCWE-295 8.8 High2026-01-08
CVE-2025-62875 Local DoS in OpenSMTPD via UNIX domain socket smtpd.sock — openSUSE TumbleweedCWE-754 5.5 -2025-11-20

This page lists every published CVE security advisory associated with SUSE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.