What is GHSA-9hqq-5px8-3pfv?

GHSA-9hqq-5px8-3pfv is a security advisory published by GitHub Security Advisories with High severity. Due to incomplete input validation in Idira Privileged Session Manager for SSH (PSMP) versions...

Which CVE IDs does GHSA-9hqq-5px8-3pfv cover?

GHSA-9hqq-5px8-3pfv covers the following CVE IDs: CVE-2026-45172. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GHSA-9hqq-5px8-3pfvHigh

Due to incomplete input validation in Idira Privileged Session Manager for SSH (PSMP) versions...

Vendor

GitHub Security Advisories

Published

June 12, 2026

Last Modified

June 12, 2026

🔗 CVE IDs covered (1)

CVE-2026-45172 →

📋 Description

Due to incomplete input validation in Idira Privileged Session Manager for SSH (PSMP) versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18

🔗 References (6)

https://nvd.nist.gov/vuln/detail/CVE-2026-45172
https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-0-6.htm
https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-2-5.htm
https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-6-psmp.htm#14.6.3
https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew15-0-psmp.htm#15.0.2
https://github.com/advisories/GHSA-9hqq-5px8-3pfv