HIGH
rancher
CVE published 2026-05-28
CVE-2026-44543
A high-severity vulnerability in Rancher Local Path Provisioner versions prior to 0.0.36 allows privilege escalation through ConfigMap template manipulation. The provisioner's helperPod.yaml template, stored in the local-path-config ConfigMap within the local-path-storage namespace, lacks sufficient validation before use during PVC provisioning and cleanup operations. An attacker with permissions to edit [truncated]