CVE-2026-45172

Publié : 11 juin 2026

Modifié : 11 juin 2026

Description détaillée

Due to incomplete input validation in Idira Privileged Session Manager for SSH (PSMP) versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18

Références et Patchs

https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-0-6.htm https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-2-5.htm https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-6-psmp.htm#14.6.3 https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew15-0-psmp.htm#15.0.2

Dernières Vulnérabilités

CVE-2026-49482

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #141, ClipBucket v5 contains an improper neutralization of SQL wildcard characters in the subtitle editing endpoint. An authenticated user can send a % character as the number parameter to overwrite all subtitle titles of any video they own in a single HTTP request. This issue has been patched in version 5.5.3 - #141.

VOIR DÉTAILS

CVE-2026-10676

Rejected reason: This CVE Record has been rejected by the Zephyr Project CNA. Subsequent analysis determined that the addressed defect is not reachable in any released version of Zephyr: on every supported release branch the affected value is corrected before it is used, and the change that exposes the defect exists only in unreleased development code. As no released version is affected, this identifier is withdrawn.

VOIR DÉTAILS

CVE-2026-47238

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #133, a normal authenticated user can edit another user's video subtitles because of a lack of authorization. They can upload subtitles, edit their name or delete them. This issue has been patched in version 5.5.3 - #133.

VOIR DÉTAILS