CVE-2026-2475

🗓️ 01 Apr 2026 20:56:21Reported by ibmType

Open redirect in IBM Verify Identity Access and IBM Security Verify Access containers enables phishing via crafted redirects (versions eleven through eleven point zero two and ten through ten point zero nine point one).

Reporter	Title	Published	Views	Family All 9
IBM Security Bulletins	Security Bulletin: Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access	2 Jun 202607:04	–	ibm
ATTACKERKB	CVE-2026-2475	1 Apr 202620:56	–	attackerkb
CNNVD	IBM Verify Identity Access Container和IBM Verify Identity Access 输入验证错误漏洞	1 Apr 202600:00	–	cnnvd
Cvelist	CVE-2026-2475 Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access	1 Apr 202620:56	–	cvelist
EUVD	EUVD-2026-18032	1 Apr 202621:30	–	euvd
NVD	CVE-2026-2475	1 Apr 202621:16	–	nvd
Positive Technologies	PT-2026-29618	1 Apr 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-2475	2 Apr 202623:01	–	redhatcve
Vulnrichment	CVE-2026-2475 Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access	1 Apr 202620:56	–	vulnrichment

NVD

Vulners

Node

ibm security_verify_accessRange10.0.0.0–10.0.9.1

ibm security_verify_access_containerRange10.0.0.0–10.0.9.1

ibm verify_identity_accessRange11.0.0.0–11.0.2.0

ibm verify_identity_access_containerRange11.0.0.0–11.0.2.0

[
  {
    "vendor": "IBM",
    "product": "Verify Identity Access Container",
    "versions": [
      {
        "status": "affected",
        "version": "11.0",
        "lessThanOrEqual": "11.0.2",
        "versionType": "semver"
      }
    ],
    "cpes": [
      "cpe:2.3:a:ibm:verify_identity_access_container:11.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:verify_identity_access_container:11.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:verify_identity_access_container:11.0.2:*:*:*:*:*:*:*"
    ]
  },
  {
    "vendor": "IBM",
    "product": "Security Verify Access Container",
    "versions": [
      {
        "status": "affected",
        "version": "10.0",
        "lessThanOrEqual": "10.0.9.1",
        "versionType": "semver"
      }
    ],
    "cpes": [
      "cpe:2.3:a:ibm:security_verify_access_container:10.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:security_verify_access_container:10.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:security_verify_access_container:10.0.9.1:*:*:*:*:*:*:*"
    ]
  },
  {
    "vendor": "IBM",
    "product": "Verify Identity Access",
    "versions": [
      {
        "status": "affected",
        "version": "11.0",
        "lessThanOrEqual": "11.0.2",
        "versionType": "semver"
      }
    ],
    "cpes": [
      "cpe:2.3:a:ibm:verify_identity_access:11.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:verify_identity_access:11.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:verify_identity_access:11.0.2:*:*:*:*:*:*:*"
    ]
  },
  {
    "vendor": "IBM",
    "product": "Security Verify Access",
    "versions": [
      {
        "status": "affected",
        "version": "10.0",
        "lessThanOrEqual": "10.0.9.1",
        "versionType": "semver"
      }
    ],
    "cpes": [
      "cpe:2.3:a:ibm:security_verify_access:10.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:security_verify_access:10.0.9.1:*:*:*:*:*:*:*"
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7268253

07 Apr 2026 16:31Current

6Medium risk

Vulners AI Score6

CVSS 3.13.1 - 4.7

EPSS0.00037

SSVC

CWE-601