Description
A command injection vulnerability in Cribl Edge for Linux versions 3.2.0 through 4.17.0 allows a local unprivileged user to execute arbitrary commands in the context of the Cribl Edge service account.
Published: 2026-05-12
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A public description of CVE-2026-45391 is currently reserved; no details on the nature of the vulnerability or potential impact have been released. Based on the identified weakness category, the vulnerability is classified as improper input validation (CWE-20). Consequently, the specific weakness, affected components, and threat model remain unknown, preventing a definitive statement about how an attacker might exploit the system or what confidentiality, integrity, or availability consequences could arise.

Affected Systems

The vulnerability is reported for Cribl Edge by Cribl. No specific version information has been provided, so the scope applies to all releases of Cribl Edge that are not known to contain a patch.

Risk and Exploitability

The CVSS score of 9.8 signals a high severity vulnerability, indicating a potential for significant compromise if exploited. The EPSS score is below 1%, suggesting a low likelihood of exploitation in the near term, and the vulnerability is not listed in the CISA KEV catalog. Because no official description has been released, the specific attack vector, exploitation prerequisites, and impact details remain unknown, preventing precise risk quantification.

Generated by OpenCVE AI on May 15, 2026 at 12:52 UTC.

Remediation

Vendor Solution

Upgrade Cribl Edge to v4.17.1 or higher. Upgrading fully resolves this vulnerability and no additional mitigation is required. As a defense-in-depth best practice (independent of this CVE), running Cribl Edge as an unprivileged Linux user is recommended; see https://docs.cribl.io/edge/deploy-linux/ for guidance.

OpenCVE Recommended Actions

  • Subscribe to Cribl's security notifications to receive timely alerts about the availability of a fix.
  • Install the latest stable release of Cribl Edge as soon as a patch addressing the vulnerability is published.
  • Limit network exposure by restricting inbound traffic to the Cribl Edge instance to trusted IP addresses and applying appropriate firewall rules.

Generated by OpenCVE AI on May 15, 2026 at 12:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 02 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description Reserved. Details will be published at disclosure. A command injection vulnerability in Cribl Edge for Linux versions 3.2.0 through 4.17.0 allows a local unprivileged user to execute arbitrary commands in the context of the Cribl Edge service account.
Title High Severity Vulnerability in Cribl Edge Local privilege escalation in Cribl Edge for Linux
Weaknesses CWE-78
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

 cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Fri, 15 May 2026 13:15:00 +0000

Type Values Removed Values Added
Title High Severity Vulnerability in Cribl Edge

Fri, 15 May 2026 11:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-20
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 12 May 2026 09:15:00 +0000

Type Values Removed Values Added
First Time appeared Cribl
Cribl cribl
Vendors & Products Cribl
Cribl cribl

Tue, 12 May 2026 02:00:00 +0000

Type Values Removed Values Added
Description Reserved. Details will be published at disclosure.
References

Subscriptions

Cribl Cribl
cve-icon MITRE

Status: PUBLISHED

Assigner: Cribl

Published:

Updated: 2026-06-02T15:51:55.156Z

Reserved: 2026-05-12T01:05:53.671Z

Link: CVE-2026-45391

cve-icon Vulnrichment

Updated: 2026-05-14T12:05:31.297Z

cve-icon NVD

Status : Deferred

Published: 2026-05-12T02:16:13.107

Modified: 2026-06-02T17:16:33.457

Link: CVE-2026-45391

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-15T13:00:11Z

Weaknesses