Fleet (Rancher) Webhook Authentication Bypass Vulnerability, CVE-2026-44938 (High) -DC-Jul2026-800


How CVE-2026-44938 Works

Fleet's agent-side deployer did not filter security-sensitive keys from `namespaceLabels` (set in `fleet.yaml` or in `BundleDeployment.spec.options.namespaceLabels`) before applying them to the target namespace. An attacker with git push access to a Fleet-monitored repository can therefore overwrite the Pod Security Standards (PSS) enforcement labels on that namespace, weakening admission control so that workloads PSS would otherwise reject are admitted.
A second, related weakness sits in Fleet's Helm deployer, which did not apply ServiceAccount impersonation in two code paths. First, Kubernetes API queries made during templating (Helm's `lookup` function) ran with the fleet-agent's cluster-admin credentials instead of the impersonated ServiceAccount. Second, Secret and ConfigMap references in `helm.valuesFrom` in `fleet.yaml` were read with the fleet-agent's cluster-admin client. A tenant can therefore reference resources in namespaces the impersonated ServiceAccount has no access to.
Both issues break Fleet's multi-tenant impersonation boundary: a tenant's bundle runs with more privilege than the ServiceAccount it is supposed to be confined to. The impact on confidentiality, integrity and availability depends on what the over-privileged client can reach; the vulnerability is rated high severity.
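As an added illustration of the deployer-side fix, in Go (Fleet's language; this is example code written here, not Fleet's own deployer), the following contrasts the pre-fix behaviour, which copies every `namespaceLabels` key onto the namespace, with a hardened apply that refuses keys under the `pod-security.kubernetes.io/` prefix and reports them. The label maps are constructed to mirror a `restricted` tenant namespace and the malicious `fleet.yaml`; the helper and variable names are this example's own:

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// protectedLabelPrefixes lists namespace label prefixes a bundle must never be
// allowed to set. The PSS prefix is the one named in the advisory; matching on
// the prefix also covers the audit/warn and *-version variants.
var protectedLabelPrefixes = []string{
	"pod-security.kubernetes.io/",
}

// isProtectedLabel reports whether a namespaceLabels key is security-sensitive.
func isProtectedLabel(key string) bool {
	for _, p := range protectedLabelPrefixes {
		if strings.HasPrefix(key, p) {
			return true
		}
	}
	return false
}

// copyLabels returns a fresh map so the namespace's current labels are never
// mutated in place.
func copyLabels(m map[string]string) map[string]string {
	out := make(map[string]string, len(m))
	for k, v := range m {
		out[k] = v
	}
	return out
}

// applyNamespaceLabelsVulnerable reproduces the pre-fix behaviour described
// above: every key in the bundle's namespaceLabels is written onto the
// namespace, so a bundle can replace "restricted" with "privileged".
func applyNamespaceLabelsVulnerable(current, bundle map[string]string) map[string]string {
	out := copyLabels(current)
	for k, v := range bundle {
		out[k] = v
	}
	return out
}

// applyNamespaceLabelsHardened applies only non-protected keys and returns the
// refused keys (sorted) so the deployer can surface them in status or logs.
func applyNamespaceLabelsHardened(current, bundle map[string]string) (map[string]string, []string) {
	out := copyLabels(current)
	var rejected []string
	for k, v := range bundle {
		if isProtectedLabel(k) {
			rejected = append(rejected, k)
			continue
		}
		out[k] = v
	}
	sort.Strings(rejected)
	return out, rejected
}

func main() {
	// Constructed: labels the cluster operator already set on the tenant namespace.
	current := map[string]string{
		"kubernetes.io/metadata.name":                "tenant-a",
		"pod-security.kubernetes.io/enforce":         "restricted",
		"pod-security.kubernetes.io/enforce-version": "latest",
	}
	// Constructed: namespaceLabels as parsed from the malicious fleet.yaml.
	bundle := map[string]string{
		"pod-security.kubernetes.io/enforce":         "privileged",
		"pod-security.kubernetes.io/enforce-version": "latest",
		"team":                                       "tenant-a",
	}

	v := applyNamespaceLabelsVulnerable(current, bundle)
	fmt.Println("vulnerable deployer: enforce =", v["pod-security.kubernetes.io/enforce"])

	h, rejected := applyNamespaceLabelsHardened(current, bundle)
	fmt.Println("hardened deployer:   enforce =", h["pod-security.kubernetes.io/enforce"])
	fmt.Println("rejected keys:", rejected)
}
```

The hardened path rejects protected keys even when the requested value equals the current one, so a bundle cannot probe which values are already set; the benign `team` label still goes through, which is what multi-tenant namespace labelling is for.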

DailyCVE Form

Platform: Rancher Fleet
Version: <0.12.15, <0.13.11, <0.14.6, <0.15.2
Vulnerability: PSS Bypass via namespaceLabels
Severity: High
Date: 2026-07-01

Prediction: Patch available now

What Undercode Say: Analytics

The vulnerability can be exploited by anyone with git push access to a Fleet-monitored repository. Pod Security Standards are enforced per namespace through the `pod-security.kubernetes.io/enforce` label, so an attacker who can set `namespaceLabels` in `fleet.yaml` or in `BundleDeployment.spec.options.namespaceLabels` can overwrite that label (and its `audit`, `warn` and `*-version` companions) on the target namespace.

Example malicious fleet.yaml:
    namespaceLabels:
      pod-security.kubernetes.io/enforce: "privileged"
      pod-security.kubernetes.io/enforce-version: "latest"

Once the namespace is relabelled `privileged`, the Pod Security admission controller stops rejecting privileged containers, host namespaces, hostPath mounts and the other constructs the `restricted` and `baseline` profiles forbid, so the attacker's own bundle can deploy privileged containers in that namespace. This can lead to unauthorized access to sensitive resources and, through node access from a privileged container, potential cluster compromise.
The vulnerability is mapped to MITRE ATT&CK T1499.004 (Endpoint Denial of Service: Application or System Exploitation).

Exploit

To exploit this vulnerability, an attacker needs:

  1. Git Push Access: The attacker must have push access to a Git repository that a Fleet GitRepo resource monitors.
  2. Modify Fleet Configuration: The attacker edits `fleet.yaml` in that repository so that `namespaceLabels` sets the PSS labels shown above.
  3. Wait for Reconciliation: Fleet picks up the new commit, builds a BundleDeployment, and the fleet-agent applies the labels to the target namespace.
  4. Deploy Privileged Pods: With enforcement downgraded to `privileged`, the same bundle (or any later commit) can deploy privileged containers that admission would otherwise have blocked.
    Example: the attacker pushes the malicious fleet.yaml to the monitored branch
    git add fleet.yaml
    git commit -m "Update namespace labels"
    git push origin main
    
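A detection a cluster operator would want alongside the patch: the following Go program (added here, not part of the advisory or of Fleet) scans Kubernetes API server audit events and alerts whenever a principal outside a trusted group writes a `pod-security.kubernetes.io/` label on a namespace. The audit lines are constructed for the example; the fleet-agent principal name `system:serviceaccount:cattle-fleet-system:fleet-agent` and the `system:masters` trust list are assumptions to adjust for your install. `requestObject` is only recorded at audit level Request or RequestResponse, and JSON-patch (array) bodies are skipped:

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// Label prefix the advisory identifies as security-sensitive.
const protectedPrefix = "pod-security.kubernetes.io/"

// Requests from these groups are treated as legitimate operator changes.
// Assumption for this example: cluster operators are in system:masters.
var trustedGroups = map[string]bool{"system:masters": true}

// auditEvent carries only the audit.k8s.io/v1 Event fields the check reads.
type auditEvent struct {
	Verb string `json:"verb"`
	User struct {
		Username string   `json:"username"`
		Groups   []string `json:"groups"`
	} `json:"user"`
	ObjectRef struct {
		Resource string `json:"resource"`
		Name     string `json:"name"`
	} `json:"objectRef"`
	// Kept raw: a merge/apply patch body is an object, a JSON patch is an array.
	RequestObject json.RawMessage `json:"requestObject"`
	Timestamp     string          `json:"requestReceivedTimestamp"`
}

type alert struct {
	Time, User, Namespace, Label, Value string
}

func isTrusted(groups []string) bool {
	for _, g := range groups {
		if trustedGroups[g] {
			return true
		}
	}
	return false
}

// detectPSSLabelWrites scans audit events (one JSON object per line, as the
// API server's log backend writes them) and returns one alert per protected
// label that an untrusted principal tried to write on a namespace.
func detectPSSLabelWrites(lines []string) ([]alert, error) {
	var alerts []alert
	for n, line := range lines {
		line = strings.TrimSpace(line)
		if line == "" {
			continue
		}
		var ev auditEvent
		if err := json.Unmarshal([]byte(line), &ev); err != nil {
			return nil, fmt.Errorf("line %d: %w", n+1, err)
		}
		if ev.ObjectRef.Resource != "namespaces" || isTrusted(ev.User.Groups) {
			continue
		}
		if ev.Verb != "create" && ev.Verb != "update" && ev.Verb != "patch" {
			continue
		}
		var body struct {
			Metadata struct {
				Labels map[string]string `json:"labels"`
			} `json:"metadata"`
		}
		// Only object-shaped bodies carry metadata.labels; array (JSON patch) bodies are skipped.
		if len(ev.RequestObject) == 0 || json.Unmarshal(ev.RequestObject, &body) != nil {
			continue
		}
		for k, v := range body.Metadata.Labels {
			if strings.HasPrefix(k, protectedPrefix) {
				alerts = append(alerts, alert{ev.Timestamp, ev.User.Username, ev.ObjectRef.Name, k, v})
			}
		}
	}
	sort.Slice(alerts, func(i, j int) bool {
		if alerts[i].Time != alerts[j].Time {
			return alerts[i].Time < alerts[j].Time
		}
		return alerts[i].Label < alerts[j].Label
	})
	return alerts, nil
}

// Constructed sample events: the malicious relabel, a benign tenant label, and an operator's fix.
var sampleAuditLines = []string{
	`{"kind":"Event","apiVersion":"audit.k8s.io/v1","verb":"patch","user":{"username":"system:serviceaccount:cattle-fleet-system:fleet-agent","groups":["system:serviceaccounts"]},"objectRef":{"resource":"namespaces","name":"tenant-a"},"requestObject":{"metadata":{"labels":{"pod-security.kubernetes.io/enforce":"privileged","pod-security.kubernetes.io/enforce-version":"latest"}}},"requestReceivedTimestamp":"2026-07-01T10:00:00.000000Z"}`,
	`{"kind":"Event","apiVersion":"audit.k8s.io/v1","verb":"patch","user":{"username":"system:serviceaccount:cattle-fleet-system:fleet-agent","groups":["system:serviceaccounts"]},"objectRef":{"resource":"namespaces","name":"tenant-b"},"requestObject":{"metadata":{"labels":{"team":"tenant-b"}}},"requestReceivedTimestamp":"2026-07-01T10:00:05.000000Z"}`,
	`{"kind":"Event","apiVersion":"audit.k8s.io/v1","verb":"update","user":{"username":"admin","groups":["system:masters"]},"objectRef":{"resource":"namespaces","name":"tenant-a"},"requestObject":{"metadata":{"labels":{"pod-security.kubernetes.io/enforce":"restricted"}}},"requestReceivedTimestamp":"2026-07-01T10:00:09.000000Z"}`,
}

func main() {
	alerts, err := detectPSSLabelWrites(sampleAuditLines)
	if err != nil {
		panic(err)
	}
	for _, a := range alerts {
		fmt.Printf("%s %s set %s=%s on namespace %s\n", a.Time, a.User, a.Label, a.Value, a.Namespace)
	}
}
```

Feed it the lines of the kube-apiserver audit log (or the webhook backend's batches split per event) and the only hits for the sample above are the two labels the fleet-agent wrote on `tenant-a`; the benign `team` label and the operator's own `restricted` restore produce nothing.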

Protection

To protect against this vulnerability, the following measures are recommended:
1. Upgrade Fleet: Upgrade to a patched version of Fleet: v0.15.2, v0.14.6, v0.13.11, or v0.12.15.
2. Deploy NeuVector: Deploy NeuVector (SUSE Security) and configure an admission control Deny rule for “Run as privileged” in Protect mode. NeuVector evaluates pod specs independently of Kubernetes PSS namespace labels and blocks privileged containers even if the labels are downgraded.
3. Restrict Repository Access: In a multi-tenant setup, restrict git push access to trusted users and require review of changes to `fleet.yaml`. This reduces the attack surface but does not close the vulnerability.

Impact

The impact of this vulnerability can be severe:

Unauthorized Access: Attackers can weaken admission controls and deploy workloads that PSS policies would otherwise block.
Credential Leakage: The fleet-agent's cluster-admin credentials may be used to read Secrets and ConfigMaps beyond the tenant's RBAC scope, exposing whatever those resources hold.
Cluster Compromise: Depending on the permissions of the leaked credentials, an attacker could gain full control over the Kubernetes cluster.
Denial of Service: The vulnerability can be used to trigger continuous repository re-cloning, increasing network traffic and depleting resources on the management cluster.


Sources:

Reported By: github.com
