Vulnerability in Strongdm Desktop Application

CVE-2026-4387

StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a per-user state file located at C:\Users…

EPSS: 0.000 (0.6th percentile) — read the EPSS interpretation.