CVE-2026-2914

EUVD-2026-8579
CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized privilege elevation leveraging CyberArk elevation dialogs
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
cyberarkendpoint_privilege_manager
𝑥
< 25.11.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://docs.cyberark.com/epm/latest/en/content/release%20notes/release-notes.htm
https://www.cyberark.com/product-security/