Home / Security updates / CVE-2026-45391: Local privilege escalation in Cribl Edge for Linux (HIGH)
CVE-2026-45391: Local privilege escalation in Cribl Edge for Linux (HIGH)
Security updates detail rendered from /security-updates/upd_59f981ee65b7bf33.
Overview
| ID | upd_59f981ee65b7bf33 |
| Collection | Security Updates |
| Provider | TrustShare (TrustCloud / Kintent) |
| Company | Cribl |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_59f981ee65b7bf33 |
| providerId | trustshare |
| organizationId | org_db5a178977544c0d |
| trustCenterId | tc_3321b21a903010d8 |
| title | CVE-2026-45391: Local privilege escalation in Cribl Edge for Linux (HIGH) |
| type | cve_publication |
| message | CVE-2026-45391 — Local privilege escalation in Cribl Edge for Linux A command injection vulnerability in Cribl Edge for Linux versions 3.2.0 through 4.17.0 allows a local unprivileged user to execute arbitrary commands in the context of the Cribl Edge service account. Severity: HIGH CVSS:3.1 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) CVSS:4.0 8.5 (AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N) Weakness: CWE-78 (OS Command Injection) Affected: Cribl Edge for Linux 3.2.0 through 4.17.0 Fixed in: Cribl Edge 4.17.1 Solution Upgrade Cribl Edge to v4.17.1 or higher. Upgrading fully resolves this vulnerability and no additional mitigation is required. As a defense-in-depth best practice (independent of this CVE), running Cribl Edge as an unprivileged Linux user is recommended; see https://docs.cribl.io/edge/deploy-linux/ for guidance. References - https://www.cve.org/CVERecord?id=CVE-2026-45391 - https://docs.cribl.io/edge/release-notes/release-v4171#security-fixes Credit: Zach Rayburn, Cribl Product Security (internal discovery) |
| publishedAt | 2026-06-02 |
| gated | no |
| source | {
"field": "trustshare/notifications[]"
} |
| company | {
"id": "org_db5a178977544c0d",
"name": "Cribl",
"domains": [
"trust.cribl.io",
"cribl.io"
]
} |
| trust_center | {
"id": "tc_3321b21a903010d8",
"name": "Cribl",
"url": "https://trust.cribl.io",
"host": "trust.cribl.io"
} |
| provider | {
"id": "trustshare",
"name": "TrustShare (TrustCloud / Kintent)"
} |
| links | {
"self": "/v1/security-updates/upd_59f981ee65b7bf33",
"company": "/v1/companies/org_db5a178977544c0d",
"trust_center": "/v1/trust-centers/tc_3321b21a903010d8",
"provider": "/v1/providers/trustshare"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_59f981ee65b7bf33JSON