TLS Handshake Bypass Vulnerability in SUSE Harvester and Rancher Manager
CVE-2025-71261

8.6HIGH

Key Information:

Vendor: Suse
Status: Harvester
Vendor: CVE Published:; 16 June 2026

What is CVE-2025-71261?

An identified vulnerability affects SUSE Harvester prior to version 1.8.0 and represents a risk for users interacting with Rancher Manager. Attackers possessing network-level access may exploit this flaw to disrupt the TLS handshake process, undermining the intended security protocols. This vulnerability poses a significant risk as it allows for the potential circumvention of TLS as a protective measure, leading to unauthorized access and data interception.

Affected Version(s)

Harvester 0 < 1.8

References

https://github.com/harvester/harvester/security/advisorie...

vendor-advisory

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 16, 2026
Vulnerability Reserved
Mar 3, 2026

CVE-2025-71261 Data

JSON

Suse

What is CVE-2025-71261?

Affected Version(s)

References

CVSS V3.1

Timeline