CVE-2025-67601
published 2026-02-25

Priority: P4 (24)
Severity: medium, 4.8 (CVSS 3.1)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS: 0.15% (4.9th percentile)

A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the --cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher’s setting cacerts.

Affected

10 ranges
Vendor | Product | Version range | Fixed in
github.com | rancher_rancher | >= 0 < 0.0.0-20260129092249-bb0625fd1896 | 0.0.0-20260129092249-bb0625fd1896
github.com | rancher_rancher | >= 2.10.0 < 2.10.11 | 2.10.11
github.com | rancher_rancher | >= 2.11.0 < 2.11.10 | 2.11.10
github.com | rancher_rancher | >= 2.12.0 < 2.12.6 | 2.12.6
github.com | rancher_rancher | >= 2.13.0 < 2.13.2 | 2.13.2
suse | rancher | < 0.0.0-20260129092249-bb0625fd1896 | 0.0.0-20260129092249-bb0625fd1896
suse | rancher | >= 2.10.0 < 2.10.11 | 2.10.11
suse | rancher | >= 2.11.0 < 2.11.10 | 2.11.10
suse | rancher | >= 2.12.0 < 2.12.6 | 2.12.6
suse | rancher | >= 2.13.0 < 2.13.2 | 2.13.2