What is GHSA-g3c5-h5qv-px3q?

GHSA-g3c5-h5qv-px3q is a security advisory published by GitHub Security Advisories with Critical severity. Incomplete input validation and improperly configured folder permissions within Idira Privileged...

Which CVE IDs does GHSA-g3c5-h5qv-px3q cover?

GHSA-g3c5-h5qv-px3q covers the following CVE IDs: CVE-2026-45171. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-g3c5-h5qv-px3q?

GHSA-g3c5-h5qv-px3q has a CVSS v3 base score of 8.8, published by GitHub Security Advisories.

GHSA-g3c5-h5qv-px3qCriticalCVSS 8.8

Incomplete input validation and improperly configured folder permissions within Idira Privileged...

Vendor

GitHub Security Advisories

Published

June 12, 2026

Last Modified

June 23, 2026

🔗 CVE IDs covered (1)

CVE-2026-45171 →

📋 Description

Incomplete input validation and improperly configured folder permissions within Idira Privileged Session Manager (PSM) versions prior to 15.0.3, 14.6.3, 14.2.5, and 14.0.5, an authenticated, low-privileged user could potentially execute arbitrary code. CyberArk Security Bulletin: CA26-17 and CA26-18

🔗 References (6)

https://nvd.nist.gov/vuln/detail/CVE-2026-45171
https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-0-5.htm
https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-2-5.htm
https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-6-psm.htm#14.6.3
https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew15-0-psm.htm#15.0.3
https://github.com/advisories/GHSA-g3c5-h5qv-px3q