VYPR
Vendor

Cribl

Products
3
CVEs
4
Across products
4
Status
Private

Products

3

Recent CVEs

4
  • CVE-2019-11076CriApr 23, 2019
    risk 0.64cvss 9.8epss 0.04

    Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request.

  • CVE-2026-45392HigMay 12, 2026
    risk 0.57cvss 8.7epss 0.00

    DOM-based cross-site scripting (XSS) in Cribl Stream before 4.17.1 allows a remote attacker to execute arbitrary JavaScript in the browser of an authenticated user who is tricked into visiting a crafted URL and interacting with the page.

  • CVE-2026-45393HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    A vulnerability chain in Cribl Edge for Windows before 4.17.1 allows a local authenticated user to escalate privileges to NT AUTHORITY\SYSTEM. Incorrect default permissions on the Windows installer's authentication directory (CWE-276) expose a cryptographic secret used for JWT…

  • CVE-2026-45391HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.01

    A command injection vulnerability in Cribl Edge for Linux versions 3.2.0 through 4.17.0 allows a local unprivileged user to execute arbitrary commands in the context of the Cribl Edge service account.