CVE Tools

cyberark

Security ProductsUScommercial

21

Cumulative CVEs

4

Monthly snapshots

#103

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting cyberark.

CVE-2026-2914CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized privilege elevation leveraging CyberArk elevation dialogs7.8Feb 25, 2026
CVE-2025-66374CyberArk Endpoint Privilege Manager Agent through 25.10.0 allows a local user to achieve privilege escalation through policy elevation of an Administration task.7.8Feb 3, 2026
CVE-2025-46382CWE-200 Exposure of Sensitive Information to an Unauthorized Actor5.3Jul 20, 2025
CVE-2025-49831Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) vulnerable to IAM Authenticator Bypass via Mis-configured Network Device9.8Jul 15, 2025
CVE-2025-49830Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) vulnerable to path traversal and file disclosure6.5Jul 15, 2025
CVE-2025-49829Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) missing validations6.5Jul 15, 2025
CVE-2025-49828Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) Vulnerable to Remote Code Execution8.8Jul 15, 2025
CVE-2025-49827Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) Vulnerable to Bypass of IAM Authenticator9.8Jul 15, 2025
CVE-2024-57967PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 has potentially elevated privileges in LDAP mapping.4.2Feb 3, 2025
CVE-2024-54840PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 does not properly address environment issues that can contribute to Host header injection.4.2Feb 3, 2025
CVE-2024-42340CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security8.3Aug 25, 2024
CVE-2024-42339CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor4.3Aug 25, 2024
CVE-2024-42338CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor4.3Aug 25, 2024
CVE-2024-42337CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor4.3Aug 25, 2024
CVE-2017-11197In CyberArk Viewfinity 5.5.10.95 and 6.x before 6.1.1.220, a low privilege user can escalate to an administrative user via a bug within the "add printer" option.7.8May 3, 2023