CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-45177

Idira Secrets Manager SaaS Edge versions prior to 1.8 exhibit improper access control within its internal authentication components. A remote, unauthenticated attacker could exploit this by submitting a specially crafted request. Under specific circumstances, this could allow the attacker to manipulate internal validation mechanisms, potentially leading to a bypass of identity verification and the unauthorized acquisition of an access token. CyberArk Security Bulletin: CA26-20

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 42.3%

CVSS Severity

CVSS v3 Score 9.1

References

https://docs.cyberark.com/secrets-manager-saas/latest/en/content/conjurcloud/whatsnew.htm#May132026

Products affected by CVE-2026-45177

Paloaltonetworks » Idira Secrets Manager Edge » Version: 1.3.2

cpe:2.3:a:paloaltonetworks:idira_secrets_manager_edge:1.3.2
Paloaltonetworks » Idira Secrets Manager Edge » Version: 1.4.0

cpe:2.3:a:paloaltonetworks:idira_secrets_manager_edge:1.4.0
Paloaltonetworks » Idira Secrets Manager Edge » Version: 1.5.0

cpe:2.3:a:paloaltonetworks:idira_secrets_manager_edge:1.5.0
Paloaltonetworks » Idira Secrets Manager Edge » Version: 1.6.0

cpe:2.3:a:paloaltonetworks:idira_secrets_manager_edge:1.6.0
Paloaltonetworks » Idira Secrets Manager Edge » Version: 1.7

cpe:2.3:a:paloaltonetworks:idira_secrets_manager_edge:1.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-45177

Products

Pricing

Contact Us