{"id":"CVE-2026-44947","summary":"Stale PSA ClusterRoleBinding Persists After RoleTemplate Downgrade in Rancher","details":"A missing clean-up in the legacy Project Role Template Binding (PRTB) \nreconciler in Rancher versions 2.13.0 up to 2.13.7 and 2.14.0 up to 2.14.3 allowed users to retain unauthorized Pod Security \nAdmission (PSA) permissions after an administrator removes those \npermissions from a RoleTemplate.","aliases":["GHSA-c4rp-wgqc-mfhc"],"modified":"2026-07-15T01:49:21.149393911Z","published":"2026-06-30T14:21:01.291Z","database_specific":{"cna_assigner":"suse","cwe_ids":["CWE-281"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/44xxx/CVE-2026-44947.json"},"references":[{"type":"WEB","url":"https://github.com/rancher/rancher/"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/44xxx/CVE-2026-44947.json"},{"type":"ADVISORY","url":"https://github.com/rancher/rancher/security/advisories/GHSA-c4rp-wgqc-mfhc"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-44947"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/rancher/rancher","events":[{"introduced":"f94ac947f75e312f1ab9217d21b2770b48b734c8"},{"fixed":"81dc2c4ed99c5d478f01ab1a6d4def772df349c6"},{"introduced":"19d8a9c03fde57ab691101dc90a17b92c55f09ad"},{"fixed":"4603afd276483411c06a2b716eca38931b564e48"}],"database_specific":{"extracted_events":[{"introduced":"2.13.0"},{"fixed":"2.13.7"},{"introduced":"2.14.0"},{"fixed":"2.14.3"}],"source":"AFFECTED_FIELD"}}],"versions":["v2.13.3","v2.14.3-rc1","v2.13.7-rc1","v2.14.2","v2.14.3-alpha6","v2.13.7-alpha7","v2.13.7-alpha6","v2.13.7-alpha5","v2.14.3-alpha5","v2.13.7-alpha4","v2.14.3-alpha4","v2.14.3-alpha3","v2.13.7-alpha3","v2.14.3-alpha2","v2.13.7-alpha2","v2.13.7-alpha1","v2.14.3-alpha1","v2.13.6","v2.14.2-rc1","v2.13.6-rc1","v2.14.2-alpha8","v2.13.6-alpha6","v2.14.2-alpha7","v2.14.2-alpha6","v2.13.6-alpha5","v2.14.2-alpha5","v2.14.2-alpha4","v2.14.1-alpha14","v2.13.6-alpha4","v2.14.2-alpha3","v2.13.6-alpha3","v2.13.6-alpha2","v2.14.2-alpha2","v2.13.6-alpha1","v2.14.2-alpha1","v2.14.1","v2.13.5","v2.14.1-rc2","v2.14.1-rc1","v2.13.5-rc1","v2.14.1-alpha13","v2.14.1-alpha12","v2.13.5-alpha7","v2.14.1-alpha11","v2.14.1-alpha10","v2.14.1-alpha9","v2.14.1-alpha8","v2.13.5-alpha6","v2.14.1-alpha7","v2.14.1-alpha6","v2.14.1-alpha5","v2.13.5-alpha5","v2.13.5-alpha4","v2.14.1-alpha4","v2.13.5-alpha3","v2.14.1-alpha3","v2.13.5-alpha2","v2.13.5-alpha1","v2.14.1-alpha2","v2.14.1-alpha1","v2.14.0","v2.13.4","v2.13.4-rc1","v2.13.4-alpha5","v2.13.4-alpha4","v2.13.4-alpha3","v2.13.4-alpha2","v2.13.4-alpha1","v2.13.3-rc3","v2.13.3-rc2","v2.13.3-rc1","v2.13.3-alpha6","v2.13.3-alpha5","v2.13.3-alpha4","v2.13.3-alpha3","v2.13.3-alpha2","v2.13.3-alpha1","v2.13.2-rc2","v2.13.2","v2.13.2-rc1","v2.13.2-alpha7","v2.13.2-alpha6","v2.13.2-alpha5","v2.13.2-alpha4","v2.13.2-alpha3","v2.13.2-alpha2","v2.13.2-alpha1","v2.13.1","v2.13.1-rc1","v2.13.1-alpha7","v2.13.1-alpha6","v2.13.1-alpha5","v2.13.1-alpha4","v2.13.1-alpha3","v2.13.1-alpha2","v2.13.1-alpha1","v2.13.0-rc4","v2.13.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-44947.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N"}]}