VYPR
High severity8.0NVD Advisory· Published Apr 29, 2026· Updated May 5, 2026

CVE-2026-5712

CVE-2026-5712

Description

This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editing.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11
  • cpe:2.3:a:sailpoint:identityiq:*:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:sailpoint:identityiq:*:*:*:*:*:*:*:*range: <8.3
    • cpe:2.3:a:sailpoint:identityiq:8.3:-:*:*:*:*:*:*
    • cpe:2.3:a:sailpoint:identityiq:8.3:patch1:*:*:*:*:*:*
    • cpe:2.3:a:sailpoint:identityiq:8.3:patch2:*:*:*:*:*:*
    • cpe:2.3:a:sailpoint:identityiq:8.3:patch4:*:*:*:*:*:*
    • cpe:2.3:a:sailpoint:identityiq:8.4:-:*:*:*:*:*:*
    • cpe:2.3:a:sailpoint:identityiq:8.4:patch1:*:*:*:*:*:*
    • cpe:2.3:a:sailpoint:identityiq:8.4:patch2:*:*:*:*:*:*
    • cpe:2.3:a:sailpoint:identityiq:8.5:-:*:*:*:*:*:*
    • cpe:2.3:a:sailpoint:identityiq:8.5:patch1:*:*:*:*:*:*
    • (no CPE)range: all versions

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.