A vulnerability was found in SUSE Rancher up to 2.11.12/2.12.8/2.13.4/2.14.0 . It has been declared as critical . The impacted element is an unknown function in the library /var/lib/rancher/ of the component UI Handler . Executing a manipulation of the argument compressedEndpoint can lead to path traversal: '.../...//'. This vulnerability is tracked as CVE-2026-25705 . The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.