Lucene search
K

787 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago4 views

IBM App Connect Enterprise 12.0.1.x < 12.0.12.27 / 13.0.1.x < 13.0.8.0 SQL Injection (7278350)

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of. Note that Nessus has not tested for this issue but has instead relied...

5.5CVSS6AI score0.00183EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 8:17 p.m.6 views

CVE-2026-3602

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7 is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of...

5.5CVSS0.00183EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/30 7:19 p.m.5 views

EUVD-2026-40385

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7 is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of...

4.7CVSS5.9AI score0.00183EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 7:19 p.m.18 views

CVE-2026-3602

IBM App Connect Enterprise and IBM Integration Bus for z/OS toolkit are vulnerable to SQL injection (CWE-73). Affected: IBM App Connect Enterprise versions 13.0.1.0–13.0.7.2 and 12.0.1.0–12.0.12.26; IBM Integration Bus for z/OS 10.1.0.0–10.1.0.7. Root cause: external control of file name or path ...

5.5CVSS5.9AI score0.00183EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-53945

Name of the Vulnerable Software and Affected Versions IBM App Connect Enterprise versions 13.0.1.0 through 13.0.7.2 IBM App Connect Enterprise versions 12.0.1.0 through 12.0.12.26 IBM Integration Bus for z/OS versions 10.1.0.0 through 10.1.0.7 Description SQL injection allows a remote attacker to...

5.5CVSS6AI score0.00183EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 2:36 p.m.4 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to Out-of-bounds Write due to OpenSSL (CVE-2025-15467)

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS Database node users are vulnerable to Out-of-bounds Write due to OpenSSL. Vulnerability Details CVEID:CVE-2025-15467 DESCRIPTION: Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD...

9.8CVSS7.9AI score0.47621EPSS
Exploits7Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 11:20 a.m.5 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS toolkit is vulnerable to an sql injection (CVE-2026-3602)

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS toolkit is vulnerable to an sql injection. Vulnerability Details CVEID:CVE-2026-3602 DESCRIPTION: IBM App Connect Enterprise is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally...

5.5CVSS5.9AI score0.00183EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 8:48 a.m.4 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Bouncy Castle (CVE-2026-0636,CVE-2026-5598,CVE-2026-5588&CVE-2026-3505)

Summary IBM App Connect Enterprise Toolkit and Runtime are vulnerable to multiple vulnerabilities due to Bouncy Castle. Vulnerability Details CVEID:CVE-2026-0636 DESCRIPTION: Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of the Bouncy...

9.9CVSS5.8AI score0.00758EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/16 10:39 a.m.8 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js module path-to-regexp

Summary IBM App Connect Enterprise runtime and IBM App Connect Enterprise Discovery Connectors are vulnerable to multiple vulnerabilities due to Node.js module path-to-regexp. Vulnerability Details CVEID:CVE-2026-4867 DESCRIPTION: Impact: A bad regular expression is generated any time you have...

7.5CVSS5.5AI score0.00791EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/09 8:37 a.m.9 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to xmldom (CVE-2026-41672, CVE-2026-41673, CVE-2026-41674 & CVE-2026-41675)

Summary IBM App Connect Enterprise Connector Discovery and OpenAPI Editor, IBM App Connect Enterprise Discovery Connectors and IBM App Connect Enterprise runtime are vulnerable to multiple vulnerabilities due to xmldom. Vulnerability Details CVEID:CVE-2026-41672 DESCRIPTION: xmldom is a pure...

8.7CVSS5.6AI score0.00643EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/04 3:5 p.m.9 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationRuntime and IntegrationServer operands that use Kafka are vulnerable to loss of confidentiality (CVE-2025-27817, CVE-2025-27818)

Summary Apache Kafka Client is used by IBM App Connect Enterprise Certified Container when running flows that connect to a Kafka server. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use Kafka Client are vulnerable to loss of confidentiality...

8.8CVSS6.7AI score0.62368EPSS
Exploits2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/02 10:2 p.m.15 views

CVE-2026-5515

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 9:28 a.m.12 views

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.24 and 13.2.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

9.8CVSS6.2AI score0.00882EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 12:58 p.m.15 views

CVE-2026-5515 IBM App Connect Enterprise is vulnerable to a confidential disclosure

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 12:58 p.m.39 views

CVE-2026-5515 IBM App Connect Enterprise is vulnerable to a confidential disclosure

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user...

5.5CVSS0.001EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/27 12:58 p.m.15 views

EUVD-2026-32461

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:58 p.m.11 views

CVE-2026-5515

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user...

5.5CVSS5.8AI score0.001EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.31 views

PT-2026-43976

Name of the Vulnerable Software and Affected Versions IBM App Connect Enterprise versions 13.0.1.0 through 13.0.7.0 Description Sensitive information is stored in log files, which may allow a local user to read this data. Recommendations At the moment, there is no information about a newer versio...

5.5CVSS5.8AI score0.001EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

IBM App Connect Enterprise 安全漏洞

IBM App Connect Enterprise is an operating system developed by IBM Corporation. IBM App Connect Enterprise combines existing, industry-trusted IBM Integration Bus technology with IBM App Connect Professional and new cloud-native technologies, providing a platform that meets the comprehensive...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/22 3:39 p.m.9 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to multiple vulnerabilities due to IBM Java SDK

Summary There are multiple vulnerabilities in IBM Java SDK, Java Technology Edition used by IBM App Connect Enterprise and IBM Integration Bus for z/OS . Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access vi...

7.5CVSS7.2AI score0.00702EPSS
Exploits0Affected Software2
Rows per page
Query Builder