CVE-2026-45391
Deferred Deferred - Pending Action
Remote Code Execution in Reserved Product

Publication date: 2026-05-12

Last updated on: 2026-06-02

Assigner: af879a92-7297-456a-bb0e-905ac6c64bdc

Description
A command injection vulnerability in Cribl Edge for Linux versions 3.2.0 through 4.17.0 allows a local unprivileged user to execute arbitrary commands in the context of the Cribl Edge service account.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-12
Last Modified
2026-06-02
Generated
2026-06-21
AI Q&A
2026-05-12
EPSS Evaluated
2026-06-20
NVD
CVE-2026-45391
EUVD
EUVD-2026-29355
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
cribl edge to 4.17.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

To mitigate CVE-2026-45391, it is strongly advised to upgrade Cribl Edge to version 4.17.1 or later.

This update addresses critical security vulnerabilities affecting both Linux and Windows systems and helps prevent unauthorized access or other malicious activities.

Keeping your software up to date is essential to protect against this and other potential security threats.

Executive Summary

CVE-2026-45391 is a critical security vulnerability found in Cribl Edge versions prior to 4.17.1, affecting both Linux and Windows systems. The vulnerability, identified as CRIBL-39556 and CRIBL-39749, could allow unauthorized access or other malicious activities if not addressed.

Cribl recommends upgrading to version 4.17.1 or later to mitigate this risk. Further technical details are available on Cribl’s Trust Portal for authorized users.

Impact Analysis

This vulnerability could allow unauthorized access or other malicious activities on affected systems running Cribl Edge versions prior to 4.17.1. Such unauthorized access may lead to data breaches, system compromise, or disruption of services.

To prevent these impacts, it is strongly advised to upgrade to Cribl Edge version 4.17.1 or later.

Compliance Impact

CVE-2026-45391 is a critical security vulnerability that could allow unauthorized access or other malicious activities if not mitigated. Such vulnerabilities can potentially impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and prevention of unauthorized access.

Cribl strongly advises upgrading to version 4.17.1 or later to mitigate this risk, highlighting the importance of keeping software up to date to maintain security and compliance.

Detection Guidance

CVE-2026-45391 affects Cribl Edge versions prior to 4.17.1 on both Linux and Windows systems. The recommended method to address this vulnerability is to upgrade to version 4.17.1 or later.

No specific detection commands or network/system detection methods are provided in the available resources. For detailed technical information, including detection or mitigation steps, it is advised to consult Cribl’s Trust Portal, which requires login credentials.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-45391. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart