CVE-2026-44935

Rancher Fleet Cross-Namespace Secret Disclosure via Unvalidated valuesFrom References

Tactics: Credential Access, Discovery

CVE-2026-44935 is a critical (CVSS 9.9) authorization bypass in Rancher Fleet's Helm Deployer, affecting Fleet 0.12.0 through 0.12.14, 0.13.0 through 0.13.10, 0.14.0 through 0.14.5, and 0.15.0 through 0.15.1 (fixed in 0.12.15, 0.13.11, 0.14.6 and 0.15.2). The Helm Deployer does not validate namespace boundaries when it resolves `valuesFrom` references in GitRepo or Bundle resources, so an attacker who can create a GitRepo or Bundle in one namespace can point a `valuesFrom` entry at a Secret or ConfigMap in any other namespace, including namespaces that hold cluster-wide credentials, and have Fleet read it on their behalf and fold its contents into Helm values. The root cause is an incorrect authorization check (CWE-863); the impact is disclosure of credentials, API keys and sensitive configuration from namespaces the attacker cannot read directly. A public PoC is available.

Vulnerability Intelligence

Public PoC

Affected Software

Vendor: go
Product: github.com/rancher/fleet
Versions: >= 0.12.0, < 0.12.15; >= 0.13.0, < 0.13.11; >= 0.14.0, < 0.14.6; >= 0.15.0, < 0.15.2

Weakness (CWE): CWE-863 Incorrect Authorization

Timeline

Disclosed
July 1, 2026

CVSS

9.9, Critical (9.0–10)

What is CVE-2026-44935 Rancher Fleet Cross-Namespace Secret Disclosure via Unvalidated valuesFrom References?

Rancher Fleet Cross-Namespace Secret Disclosure via Unvalidated valuesFrom References (CVE-2026-44935) maps to two MITRE ATT&CK tactics: Credential Access (the adversary is trying to steal account names and passwords) and Discovery (the adversary is trying to figure out your environment), since the same valuesFrom reference that leaks a credential also confirms which Secrets and ConfigMaps exist in namespaces the attacker cannot list.

This page provides production-ready detection logic for Rancher Fleet Cross-Namespace Secret Disclosure via Unvalidated valuesFrom References, covering the data sources and telemetry it touches: AuditLogs and KubeAuditEvent. The queries are rated critical severity at medium confidence and ship for 7 SIEM platforms: KQL, SPL, Elastic, QRadar, Sumo, YARA-L and LogScale.

MITRE ATT&CK

Tactic
Credential Access, Discovery
Microsoft Sentinel / Defender
kusto
// Both branches are projected onto the same column names (SourceNamespace,
// ObjectRef_Namespace, ObjectRef_Name, Principal) so that the union and the
// summarize below apply to each branch's rows.
let FleetKubeAudit =
    KubeAuditEvent
    | where ObjectRef_Resource in ("secrets", "configmaps")
    | where Verb in ("get", "list", "watch")
    // Service-account usernames have the form system:serviceaccount:<namespace>:<name>
    | where User_Username startswith "system:serviceaccount:" and User_Username contains "fleet"
    | where ResponseStatus_Code == 200
    | extend SourceNamespace = tostring(split(User_Username, ":")[2])
    | where isnotempty(ObjectRef_Namespace) and ObjectRef_Namespace != SourceNamespace
    | project TimeGenerated, Verb, ObjectRef_Resource, ObjectRef_Namespace, ObjectRef_Name,
              SourceNamespace, Principal = User_Username, RequestURI;
let FleetAuditLogs =
    AuditLogs
    | where OperationName has_any ("get", "list") and ResourceType has_any ("secrets", "configmaps")
    | where Properties has "fleet" or InitiatedBy has "fleet"
    | where Result == "success"
    | extend ObjectRef_Namespace = tostring(parse_json(Properties).targetResources[0].displayName)
    | extend SourceNamespace = tostring(parse_json(Properties).initiatedBy.app.displayName)
    | where isnotempty(ObjectRef_Namespace) and isnotempty(SourceNamespace)
        and ObjectRef_Namespace != SourceNamespace
    | project TimeGenerated, Verb = OperationName, ObjectRef_Resource = ResourceType, ObjectRef_Namespace,
              ObjectRef_Name = "", SourceNamespace, Principal = SourceNamespace, RequestURI = "";
union FleetKubeAudit, FleetAuditLogs
// Every row here is already a successful cross-namespace read; raise the count
// threshold or allowlist expected (SourceNamespace, ObjectRef_Namespace) pairs during tuning.
| summarize CrossNamespaceAccessCount = count(),
            AffectedObjects = make_set_if(ObjectRef_Name, isnotempty(ObjectRef_Name), 20)
    by bin(TimeGenerated, 5m), SourceNamespace, ObjectRef_Namespace, Principal

Detects Rancher Fleet service accounts successfully reading Secrets or ConfigMaps in namespaces other than the one the service account lives in, which is the trace a CVE-2026-44935 exploit leaves in the Kubernetes audit log: the attacker's GitRepo or Bundle causes Fleet, not the attacker, to perform the read. The query correlates Kubernetes audit events (KubeAuditEvent) with AuditLogs for cross-namespace secret/configmap GET, LIST and WATCH operations by principals whose name contains "fleet". Note that Fleet's own controllers and agents run in Fleet's system namespaces rather than in the namespaces whose Bundles they reconcile, so legitimate valuesFrom resolution also appears as a cross-namespace read; before alerting, baseline the (SourceNamespace, ObjectRef_Namespace) pairs your deployment produces, and treat reads into namespaces that no GitRepo or Bundle legitimately references (see Test 2 below) as the highest-signal hits.
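The same logic, run offline over raw Kubernetes audit events, as an added example that is not part of this page's detection package or of the Fleet project. It re-implements the KubeAuditEvent branch of the query above in Python so the rule can be exercised against a log sample before it is deployed to a SIEM; the audit events, the service-account name fleet-agent and the allowlisted namespace pair are all constructed for this example.

```python
"""Cross-namespace Secret/ConfigMap reads by Fleet service accounts.

Added example, not code from this page's detection package or from the Fleet
project. Implements the KubeAuditEvent branch of the KQL query above over
Kubernetes audit-log JSON lines (audit.k8s.io/v1 Event shape). The events in
SAMPLE_AUDIT_LOG are constructed; "fleet-agent" and the allowlist are illustrative.
"""
import json
from collections import defaultdict

WATCHED_RESOURCES = {"secrets", "configmaps"}
READ_VERBS = {"get", "list", "watch"}
SA_PREFIX = "system:serviceaccount:"

# Constructed sample: one JSON audit event per line. Line 1 is the Test 1 signal.
SAMPLE_AUDIT_LOG = """\
{"verb":"get","user":{"username":"system:serviceaccount:fleet-test-attacker:fleet-agent"},"objectRef":{"resource":"secrets","namespace":"fleet-test-victim","name":"victim-secret"},"responseStatus":{"code":200}}
{"verb":"get","user":{"username":"system:serviceaccount:fleet-test-attacker:fleet-agent"},"objectRef":{"resource":"secrets","namespace":"fleet-test-attacker","name":"own-values"},"responseStatus":{"code":200}}
{"verb":"list","user":{"username":"system:serviceaccount:fleet-test-attacker:fleet-agent"},"objectRef":{"resource":"secrets","namespace":"kube-system"},"responseStatus":{"code":403}}
{"verb":"get","user":{"username":"system:serviceaccount:team-b:ci-runner"},"objectRef":{"resource":"secrets","namespace":"team-a","name":"deploy-key"},"responseStatus":{"code":200}}
{"verb":"get","user":{"username":"system:serviceaccount:cattle-fleet-system:fleet-controller"},"objectRef":{"resource":"configmaps","namespace":"team-a","name":"helm-values"},"responseStatus":{"code":200}}
{"verb":"get","user":{"username":"system:serviceaccount:fleet-test-attacker:fleet-agent"},"objectRef":{"resource":"pods","namespace":"fleet-test-victim","name":"web-0"},"responseStatus":{"code":200}}
"""


def load_events(text):
    """Parse newline-delimited JSON audit events, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def service_account_namespace(username):
    """Namespace of a system:serviceaccount:<namespace>:<name> user, else None."""
    if not username.startswith(SA_PREFIX):
        return None
    parts = username.split(":")
    return parts[2] if len(parts) == 4 and parts[2] else None


def is_cross_namespace_fleet_read(event, allowed_pairs=frozenset()):
    """True for a successful Secret/ConfigMap read by a Fleet service account
    that targets a namespace other than the account's own.

    allowed_pairs holds (source_ns, target_ns) tuples expected in the
    environment; it is the tuning knob for the false positives listed on the page.
    """
    username = (event.get("user") or {}).get("username", "")
    ref = event.get("objectRef") or {}
    code = (event.get("responseStatus") or {}).get("code")
    source_ns = service_account_namespace(username)
    target_ns = ref.get("namespace")
    if source_ns is None or "fleet" not in username:
        return False
    if ref.get("resource") not in WATCHED_RESOURCES or event.get("verb") not in READ_VERBS:
        return False
    if code != 200 or not target_ns or target_ns == source_ns:
        return False
    return (source_ns, target_ns) not in allowed_pairs


def summarize(events, allowed_pairs=frozenset()):
    """Group hits by (source namespace, target namespace, principal), as the KQL
    summarize does, returning a count and the sorted object names read."""
    hits = defaultdict(lambda: {"count": 0, "objects": set()})
    for ev in events:
        if not is_cross_namespace_fleet_read(ev, allowed_pairs):
            continue
        username = ev["user"]["username"]
        key = (service_account_namespace(username), ev["objectRef"]["namespace"], username)
        hits[key]["count"] += 1
        if ev["objectRef"].get("name"):
            hits[key]["objects"].add(ev["objectRef"]["name"])
    return {k: {"count": v["count"], "objects": sorted(v["objects"])} for k, v in hits.items()}


if __name__ == "__main__":
    events = load_events(SAMPLE_AUDIT_LOG)
    for (src, dst, principal), hit in summarize(events).items():
        print(f"{principal} read {hit['count']} object(s) in {dst}: {hit['objects']}")
    # Allowlisting the controller's expected pair leaves only the attacker's read.
    print(summarize(events, {("cattle-fleet-system", "team-a")}))
```

Untuned, the sample produces two groups: the attacker's agent reading victim-secret, and the Fleet controller's routine read of helm-values in team-a. Adding the controller's (cattle-fleet-system, team-a) pair to the allowlist is the baseline step the description above calls for, and leaves only the exploit read.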

Severity: critical. Confidence: medium.

Data Sources

AuditLogs, KubeAuditEvent

Required Tables

AuditLogs, KubeAuditEvent

False Positives

  • Legitimate Fleet administrators intentionally configuring cross-namespace Helm value sources in authorized multi-tenant setups
  • Fleet controller reconciliation loops that have been explicitly granted RBAC permissions for cross-namespace secret reads
  • Monitoring or backup tooling that runs as Fleet service accounts and reads secrets across namespaces

Sigma rule & cross-platform mapping

The detection logic for Rancher Fleet Cross-Namespace Secret Disclosure via Unvalidated valuesFrom References (CVE-2026-44935) above is provided in a vendor-neutral form so you can deploy it on any SIEM. The same logic is shipped here as native queries for:

  • KQL: Microsoft Sentinel / Defender
  • SPL: Splunk
  • Elastic: Elastic Security (EQL)
  • QRadar: IBM QRadar (AQL)
  • Sumo: Sumo Logic CSE
  • YARA-L: Google Chronicle / SecOps
  • LogScale: CrowdStrike LogScale (CQL)

In Sigma terms, the AuditLogs branch of this detection targets the following logsource:

logsource:
  product: azure

The Kubernetes audit-log branch (KubeAuditEvent, matching on objectRef.resource, objectRef.namespace and user.username) corresponds to Sigma's Kubernetes audit logsource (product: kubernetes, service: audit); a Sigma rule derived from this page should carry that logsource for that part of the logic.

Testing Methodology

Validate this detection with the 4 Atomic Red Team-style tests below. Each test lists the behaviour to exercise and the telemetry you should expect to see. Executable commands and cleanup steps are available with Pro.

  1. Test 1: Simulate Fleet valuesFrom Cross-Namespace Secret Read

    Expected signal: Kubernetes audit log entry with verb=get, objectRef.resource=secrets, objectRef.name=victim-secret, objectRef.namespace=fleet-test-victim, user.username=system:serviceaccount:fleet-test-attacker:fleet-*, responseStatus.code=200

  2. Test 2: Enumerate Existing GitRepo and Bundle valuesFrom Cross-Namespace References

    Expected signal: Script output listing every valuesFrom reference whose namespace differs from its GitRepo's or Bundle's own namespace; Kubernetes API audit logs for LIST of gitrepos and bundles across all namespaces by the auditing principal

  3. Test 3: Fleet Service Account RBAC Permission Audit for Secret Access

    Expected signal: kubectl auth can-i calls generate Kubernetes audit log entries for SelfSubjectAccessReview (and, with --list, SelfSubjectRulesReview) API calls; the RBAC audit output identifies Fleet service accounts allowed to read secrets or configmaps outside their own namespace

  4. Test 4: Monitor Fleet Controller Live for Cross-Namespace Secret Access Events

    Expected signal: Real-time stdout alerts for each cross-namespace secret or configmap read event matching Fleet service account patterns
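The enumeration Test 2 describes, as an added example that is neither the page's Pro tooling nor Fleet project code. It walks the JSON that `kubectl get bundles -A -o json` returns and reports every helm.valuesFrom entry whose configMapKeyRef or secretKeyRef names a namespace other than the Bundle's own. The field paths spec.helm.valuesFrom and spec.targets[].helm.valuesFrom follow Fleet's documented Helm options; the Bundle list, the bundle names and the namespaces (team-a, prod, cattle-system and so on) are constructed for this example, and a reference with no namespace is assumed to resolve in the Bundle's own namespace.

```python
"""Enumerate cross-namespace valuesFrom references in Fleet Bundle objects.

Added example, not the page's Pro tooling or Fleet project code. Walks the
JSON list that `kubectl get bundles -A -o json` returns and reports each
helm.valuesFrom reference pointing outside its Bundle's namespace (Test 2's
criterion). Field paths follow Fleet's Helm options; SAMPLE_BUNDLES is constructed.
"""
import json

REF_KINDS = ("configMapKeyRef", "secretKeyRef")

# Constructed sample, shaped like `kubectl get bundles -A -o json` output.
SAMPLE_BUNDLES = json.dumps({
    "apiVersion": "v1", "kind": "List",
    "items": [
        {"kind": "Bundle",
         "metadata": {"name": "web-app", "namespace": "team-a"},
         "spec": {
             "helm": {"valuesFrom": [
                 {"secretKeyRef": {"name": "db-creds", "namespace": "prod", "key": "values.yaml"}},
                 {"configMapKeyRef": {"name": "app-values", "key": "values.yaml"}}]},
             "targets": [
                 {"name": "staging", "helm": {"valuesFrom": [
                     {"configMapKeyRef": {"name": "staging-values", "namespace": "team-a", "key": "values.yaml"}},
                     {"secretKeyRef": {"name": "rancher-token", "namespace": "cattle-system", "key": "values.yaml"}}]}}]}},
        {"kind": "Bundle",
         "metadata": {"name": "batch", "namespace": "team-b"},
         "spec": {"helm": {"valuesFrom": [
             {"configMapKeyRef": {"name": "batch-values", "namespace": "team-b", "key": "values.yaml"}}]}}},
        {"kind": "Bundle",
         "metadata": {"name": "raw-manifests", "namespace": "fleet-local"},
         "spec": {"resources": []}},
    ],
})


def _helm_blocks(spec):
    """Yield (location, helm options) pairs: bundle-wide options, then per-target overrides."""
    yield "spec.helm", spec.get("helm") or {}
    for i, target in enumerate(spec.get("targets") or []):
        yield f"spec.targets[{i}].helm", target.get("helm") or {}


def find_cross_namespace_refs(bundle_list):
    """Return one finding per valuesFrom reference that points outside its Bundle's namespace.

    A reference with no explicit namespace is assumed (for this example) to
    resolve in the Bundle's own namespace and is therefore not reported.
    """
    findings = []
    for bundle in bundle_list.get("items", []):
        meta = bundle.get("metadata") or {}
        own_ns = meta.get("namespace", "")
        for location, helm in _helm_blocks(bundle.get("spec") or {}):
            for entry in helm.get("valuesFrom") or []:
                for kind in REF_KINDS:
                    ref = entry.get(kind)
                    if not ref:
                        continue
                    ref_ns = ref.get("namespace") or own_ns
                    if ref_ns != own_ns:
                        findings.append({
                            "bundle": f"{own_ns}/{meta.get('name', '')}",
                            "location": location,
                            "kind": kind,
                            "target": f"{ref_ns}/{ref.get('name', '')}",
                        })
    return findings


def scan(json_text):
    """Parse kubectl's JSON output and return the findings list."""
    return find_cross_namespace_refs(json.loads(json_text))


if __name__ == "__main__":
    for f in scan(SAMPLE_BUNDLES):
        print(f"{f['bundle']} {f['location']} {f['kind']} -> {f['target']}")
```

Against the sample this reports two references from team-a/web-app: the bundle-wide secretKeyRef into prod and the staging target's secretKeyRef into cattle-system; the unscoped configMapKeyRef and team-b's same-namespace reference are not reported. To run it against a cluster, replace SAMPLE_BUNDLES with the output of `kubectl get bundles -A -o json` (for example read from stdin); every finding is a reference that a patched Fleet would be expected to reject and that, on a vulnerable version, should be reconciled with the namespace owner before upgrading.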

Unlock Pro Content

Get the full detection package for CVE-2026-44935 including response playbook, investigation guide, and atomic red team tests.

Included with Pro: Response Playbook, Investigation Guide, Hunting Queries, Atomic Red Team Tests, Tuning Guidance.
