CVE-2025-67601 - Rancher CLI skips TLS verification on Rancher CLI login command

CVE ID : CVE-2025-67601 Published : Feb. 25, 2026, 11:16 a.m. | 1 hour, 33 minutes ago Description : A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the –cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher’s setting cacerts. Severity: 8.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...