Rancher CVE Portal: Enhanced Transparency and Security for Rancher Workloads

The Rancher Security team just announced the public beta launch of the Rancher CVE Portal, available now at scans.rancher.com. This new resource is a significant step forward in providing clear, actionable visibility into vulnerabilities affecting Rancher and its associated dependencies.

What is the Rancher CVE Portal?

The Rancher CVE Portal provides a curated list of vulnerabilities for Rancher and related solutions, including but not limited to: Rancher, RKE2, Longhorn and Harvester.

The portal covers the latest stable versions, as well as development and head versions, for all supported release lines. CVEs are organized in tables by version, with raw CSV data also available for download.

This portal serves as the single source of truth for all internally identified critical and high-severity CVEs in our container images. Whether you’re a customer managing production workloads or an open-source user evaluating vulnerabilities, the portal makes it easy to stay informed.

Additionally, the public repository used to build the site is available on GitHub, ensuring full transparency and alignment with our broader community practices.