CVE-2026-44947 PUBLISHED

A missing clean-up in the legacy Project Role Template Binding (PRTB) reconciler in Rancher versions 2.13.0 up to 2.13.7 and 2.14.0 up to 2.14.3 allowed users to retain unauthorized Pod Security Admission (PSA) permissions after an administrator removes those permissions from a RoleTemplate.

• Isaac David finder

• https://github.com/rancher/rancher/security/advisories/GHSA-c4rp-wgqc-mfhc

• CWE-281 Improper preservation of permissions CWE

• CAPEC-115 Authentication Bypass