Input Validation Flaw in Idira Privileged Session Manager Affects CyberArk
CVE-2026-45171
Key Information:
- Vendor
- CVE Published:
- 11 June 2026
Badges
What is CVE-2026-45171?
The Idira Privileged Session Manager from CyberArk contains vulnerabilities due to improper input validation and misconfigured folder permissions. These issues allow low-privileged authenticated users to potentially execute arbitrary code, which can lead to unauthorized access and manipulation of sensitive information. Users utilizing versions of the Idira PSM prior to 15.0.3, 14.6.3, 14.2.5, and 14.0.5 are particularly at risk. CyberArk has released updates to rectify these vulnerabilities, and it is strongly recommended that users apply these patches to secure their systems.
Affected Version(s)
Privileged Session Manager, Vault 14.0 < 14.0.5
Privileged Session Manager, Vault 14.2 < 14.2.5
Privileged Session Manager, Vault 14.6 < 14.6.3
References
CVSS V4
Timeline
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved
