CVE Catalog

CVE-2026-39118

HighCVSS 8.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.14%

4th percentile — higher than 4% of all known CVEs

Summary

An issue in Iru, Inc Kandji Agent before v.4.7.5(5374) allows a local attacker to escalate privileges via a client validation gap to invoke restricted agent functionality.

Risk Assessment

Privilege escalation may lead to unauthorized access to sensitive system functions, posing a serious security threat to the organization.

Recommendation

It is recommended to update Kandji Agent to version 4.7.5(5374) or later to mitigate this vulnerability.

Original NVD description (English source)

An issue in Iru, Inc Kandji Agent before v.4.7.5(5374) allows a local attacker to escalate privileges via a client validation gap to invoke restricted agent functionality.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS