Question 1

What is CVE-2026-45172 — CVE-2026-45172?

Accepted Answer

Due to incomplete input validation in Idira Privileged Session Manager for SSH (PSMP) versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18

Question 2

What is the authoritative source for CVE-2026-45172?

Accepted Answer

CVE-2026-45172 (CVE-2026-45172) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

EPSS	0.46% probability of exploitation · percentile 36.7% · 2026-06-19T12:03:05Z
Last modified	2026-06-12

CVE-2026-45172CVE-2026-45172

Description

Scoring