CVE-2026-45392 - Vulnerability Details

Description

Reserved. Details will be published at disclosure.

Published: 2026-05-12

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability description is currently reserved; no technical details are provided, so the specific nature and impact of CVE-2026-45392 remain unknown at this time. No information is available regarding how an attacker might exploit the weakness or what assets could be compromised.

Affected Systems

This issue affects installations of Cribl Stream from the vendor Cribl. Because no version information is supplied, any deployment of this product could be potentially impacted until the vendor releases further details.

Risk and Exploitability

Risk assessment cannot be performed with the available data. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. Until Cribl publishes the specific vulnerability details and remediation, the likelihood of exploitation remains undetermined. Monitoring vendor communications for updates is advised.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Cribl

Cribl Stream

unaffected

Version	Status	Constraints
`0`	affected	< 4.17.1

No data.

Vendor Product Confidence Versions

Cribl

Cribl Stream

100%

Version	Status	Scheme	Platform
`[0,4.17.1)`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Check Cribl’s release notes and notification channels for any security fixes related to this vulnerability
Limit external network access to Cribl Stream instances until a confirmed patch is applied
Plan and schedule a mid‑cycle patch once the vendor releases the definitive fix

Generated by OpenCVE AI on May 12, 2026 at 03:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00018.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://docs.cribl.io/stream/release-notes/release-v4171#security-fixes
https://trust.cribl.io/notifications

History

Tue, 12 May 2026 10:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cribl Cribl cribl Stream
Vendors & Products		Cribl Cribl cribl Stream

Tue, 12 May 2026 04:15:00 +0000

Type	Values Removed	Values Added
Title		Reserved Vulnerability in Cribl Stream
Weaknesses		CWE-200 CWE-284

Tue, 12 May 2026 02:00:00 +0000

Type	Values Removed	Values Added
Description		Reserved. Details will be published at disclosure.
References		https://docs.cribl.io/stream/release-notes/release-v4171#security-fixes https://trust.cribl.io/notifications

Subscriptions

Cribl Cribl Stream

MITRE

Status: PUBLISHED

Assigner: Cribl

Published: 2026-05-12T01:06:26.339Z

Updated: 2026-05-12T01:06:26.339Z

Reserved: 2026-05-12T01:05:53.672Z

Link: CVE-2026-45392

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2026-05-12T02:16:13.220

Modified: 2026-05-12T14:16:49.657

Link: CVE-2026-45392

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-12T09:22:11Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object