CVE Catalog
CVE-2026-39118
HighCVSS 8.4Exploitation Probability (EPSS)
Low risk0.14%
4th percentile — higher than 4% of all known CVEs
Summary
An issue in Iru, Inc Kandji Agent before v.4.7.5(5374) allows a local attacker to escalate privileges via a client validation gap to invoke restricted agent functionality.
Risk Assessment
Privilege escalation may lead to unauthorized access to sensitive system functions, posing a serious security threat to the organization.
Recommendation
It is recommended to update Kandji Agent to version 4.7.5(5374) or later to mitigate this vulnerability.
Original NVD description (English source)
An issue in Iru, Inc Kandji Agent before v.4.7.5(5374) allows a local attacker to escalate privileges via a client validation gap to invoke restricted agent functionality.

