216.73.217.126

CVE-2026-45172

· Published 12/06/2026 00:16 · Modified 12/06/2026 15:30 · Author: The MITRE Corporation

Labels: CVE-2026-45172 2026-06-11CVE-2026-45172CWE-78[email protected]

Essential information

Published
12/06/2026 00:16
Modified
12/06/2026 15:30
Author
The MITRE Corporation
Creator
The MITRE Corporation
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CWE-78
CVSS vector

CVSS metrics

Description

Due to incomplete input validation in Idira Privileged Session Manager for SSH (PSMP) versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
cyberark / idira privileged session manager cpe:2.3:a:cyberark:idira_privileged_session_manager:15.0.2:*:*:*:*:*:*:*
cyberark / idira privileged session manager cpe:2.3:a:cyberark:idira_privileged_session_manager:14.6.3:*:*:*:*:*:*:*
cyberark / idira privileged session manager cpe:2.3:a:cyberark:idira_privileged_session_manager:14.2.5:*:*:*:*:*:*:*
cyberark / idira privileged session manager cpe:2.3:a:cyberark:idira_privileged_session_manager:14.0.6:*:*:*:*:*:*:*

References