Skip to main content

Cribl Stream

1 CVEs product

Monthly

CVE-2026-45392 HIGH PATCH This Week

Information disclosure in Cribl Stream versions prior to 4.17.1 allows authenticated remote attackers with low privileges to obtain sensitive data when a user interacts with attacker-supplied content, per CVSS 4.0 vector AV:N/AC:L/PR:L/UI:A. The flaw, classified as CWE-20 (Improper Input Validation), carries a CVSS base score of 8.4 reflecting high confidentiality and integrity impact, but EPSS is only 0.02% (5th percentile) and CISA SSVC reports no observed exploitation. No public exploit identified at time of analysis.

Information Disclosure Cribl Stream
NVD VulDB
CVSS 4.0
8.4
EPSS
0.0%
EPSS 0% CVSS 8.4
HIGH PATCH This Week

Information disclosure in Cribl Stream versions prior to 4.17.1 allows authenticated remote attackers with low privileges to obtain sensitive data when a user interacts with attacker-supplied content, per CVSS 4.0 vector AV:N/AC:L/PR:L/UI:A. The flaw, classified as CWE-20 (Improper Input Validation), carries a CVSS base score of 8.4 reflecting high confidentiality and integrity impact, but EPSS is only 0.02% (5th percentile) and CISA SSVC reports no observed exploitation. No public exploit identified at time of analysis.

Information Disclosure Cribl Stream
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy