Browse all 4 CVE security advisories affecting SailPoint Technologies. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SailPoint provides identity governance solutions to manage user access and compliance across enterprise systems. Historically, vulnerabilities have included cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often related to input validation and session management. The company maintains a moderate CVE count with four currently recorded issues. While no major security incidents have been widely reported, the platform's privileged access controls make it a potential target for attackers seeking lateral movement. Regular security updates and proper configuration remain critical for organizations using SailPoint to mitigate risks associated with identity management systems.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-5712 | IdentityIQ Role Editor Incorrect Authorization Vulnerability — IdentityIQCWE-863 | 8.0 | High | 2026-04-29 |
| CVE-2026-4857 | SailPoint IdentityIQ Debug UI Incorrect Authorization — IdentityIQCWE-863 | 8.4 | High | 2026-04-15 |
| CVE-2025-10280 | Incorrect Content Type Cross-Site Scripting Vulnerability — IdentityIQCWE-79 | 7.1 | High | 2025-11-03 |
| CVE-2024-10905 | IdentityIQ Improper Access Control VulnerabilityIdentityIQ Improper Access Control Vulnerability — IdentityIQCWE-66 | 10.0 | Critical | 2024-12-02 |
This page lists every published CVE security advisory associated with SailPoint Technologies. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.