Skip to main content

Conjur Enterprise

1 CVEs product

Monthly

CVE-2026-45178 HIGH PATCH This Week

Improper access control in CyberArk Conjur Enterprise (Idira Secrets Manager Self-Hosted) versions 13.8.0 and earlier allows authenticated attackers with standard node-level credentials to abuse internal cluster endpoints to retrieve unauthorized secrets or trigger denial of service. The flaw is rated CVSS 4.0 base 8.4 with high confidentiality impact extending to subsequent systems, but no public exploit identified at time of analysis. CyberArk has published Security Bulletin CA26-20 alongside fixed releases.

Authentication Bypass Denial Of Service Conjur Enterprise
NVD VulDB
CVSS 4.0
8.4
EPSS
0.1%
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Improper access control in CyberArk Conjur Enterprise (Idira Secrets Manager Self-Hosted) versions 13.8.0 and earlier allows authenticated attackers with standard node-level credentials to abuse internal cluster endpoints to retrieve unauthorized secrets or trigger denial of service. The flaw is rated CVSS 4.0 base 8.4 with high confidentiality impact extending to subsequent systems, but no public exploit identified at time of analysis. CyberArk has published Security Bulletin CA26-20 alongside fixed releases.

Authentication Bypass Denial Of Service Conjur Enterprise
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy