{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-41053: Over-inclusive team membership expansion in GitHub App authentication provider for Rancher","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-41053","status":"final","version":"1","initial_release_date":"2026-06-30T11:38:25.060Z","current_release_date":"2026-06-30T12:09:00.467Z","revision_history":[{"date":"2026-06-30T11:38:25.060Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"Incorrect authentication caching in the team membership expansion of the Rancher GitHub authentication provider caused it to grant principal access to any logged-in user, in 2.13 before 2.13.6 and 2.14 before 2.14.2.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-41053 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-41053"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-41053"},{"category":"external","summary":"github.com","url":"https://github.com/rancher/rancher/security/advisories/GHSA-4j6x-2764-m8gh"}]},"product_tree":{"branches":[{"category":"vendor","name":"SUSE","branches":[{"category":"product_name","name":"Rancher","branches":[{"category":"product_version_range","name":">=2.14.0 <2.14.2","product":{"name":"SUSE Rancher >=2.14.0 <2.14.2","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*"}}},{"category":"product_version_range","name":">=2.13.0 <2.13.6","product":{"name":"SUSE Rancher >=2.13.0 <2.13.6","product_id":"CSAFPID-2","product_identification_helper":{"cpe":"cpe:2.3:a:suse:rancher:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-41053","title":"Over-inclusive team membership expansion in GitHub App authentication provider for Rancher","notes":[{"category":"description","text":"Incorrect authentication caching in the team membership expansion of the Rancher GitHub authentication provider caused it to grant principal access to any logged-in user, in 2.13 before 2.13.6 and 2.14 before 2.14.2.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1","CSAFPID-2"]},"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH"},"products":["CSAFPID-1","CSAFPID-2"]}],"remediations":[{"category":"vendor_fix","details":"Update to a fixed version: 2.13.6, 2.14.2.","product_ids":["CSAFPID-1","CSAFPID-2"]}]}]}