Idira Secrets Manager SaaS Edge < 1.8: Authentication Bypass via Improper Access Control (CVE-2026-45177)
critical-cve-against-infra · active
Idira Secrets Manager SaaS Edge versions before 1.8 contain an improper access control flaw in its internal authentication components. A remote, unauthenticated attacker can send a specially crafted request to bypass identity verification and obtain an access token. Upgrade to version 1.8 or later.