CVE-2026-45176

Name: CVE-2026-45176 — Vulnerability Record
Brand: Quanteta Data Lab
SKU: CVE-2026-45176

HIGH

CVSS v4.0: 8.9

No privilegesNo user interactionPrivilege ManagementVendor advisory ref

Source data as of: 2026-06-12 05:00:13 UTC

At a glance

Severity: HIGH
CVSS: 8.9 v4.0 · NVD
EPSS: EPSS not provided by FIRST.org for this CVE
CISA KEV: No
Type: Privilege Management · NVD CWE
Attack conditions (CVSS vector): No privilegesNo user interaction · Source: NVD Vector
Published: 2026-06-11 · Modified: 2026-06-11
References: Jump to references (3)

CVSS / EPSS / KEV

CVSS v4.0 8.9 / 10 HIGH Source: NVD

EPSS — EPSS not provided by FIRST.org for this CVE Source: FIRST.org

CISA KEV No Source: CISA

Source — CVSS: NVD · EPSS: FIRST.org · KEV: CISA. Data & Sources

Description

Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulating an internal communication mechanism or file operation. Under specific circumstances, this could potentially allow the attacker to bypass permission restrictions and execute unauthorized local actions with elevated privileges. CyberArk Security Bulletin: CA26-19

Record details

CVE ID: CVE-2026-45176
CVSS (v4.0): 8.9 (HIGH)
Vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
CISA KEV: No
Weakness (CWE): CWE-269
Affected configurations (CPE): 0
Published: 2026-06-11
Modified: 2026-06-11
Status: Awaiting Analysis

References

Reference URLs as listed by NVD, grouped by a mechanical match on the link's host/pattern. Labels describe the link type only.

← Back to all records

CVE-2026-45176

At a glance

CVSS / EPSS / KEV

Description

Record details

References

Related records

Same weakness type (CWE)

Published the same year