Vulnerability  ·  2026-07-07

SUSE Rancher AI Agent — Debug-Level Logging Leaks API Keys and LLM Response Content

VulnerabilityMedium impactGlobalCVE-2026-44934
SUSE's Rancher AI Agent component logs API keys and raw LLM response text at DEBUG verbosity without redaction, exposing credentials and potentially sensitive model output to anyone with log access.
AI agent credential leakage via logs is a recurring class of vulnerability (seen elsewhere this week in Langflow's credential-encryption flaw); in a Kubernetes-managed enterprise AI platform like Rancher, leaked API keys can be used to pivot into upstream LLM provider accounts or other connected services.
When DEBUG loglevel is enabled, Rancher AI Agent writes API keys and full LLM response text — potentially including sensitive data — into logfiles, which local attackers with log access can read to obtain credentials or leaked data.
SUSE Rancher AI Agent 1.0, versions before 1.0.2
Upgrade to Rancher AI Agent >= 1.0.2; avoid DEBUG loglevel in production, and restrict log file access. See GHSA-5r2r-h824-fr5v.
NVD CVE-2026-44934GitHub Security Advisory GHSA-5r2r-h824-fr5v
See this in the live feed Explore related AI security and governance findings — updated every morning.
Open the feed →