Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 08 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 08 Jul 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticated SQL injection vulnerability in the password reset functionality. | |
| Title | IBM API Connect SQL Injection | |
| First Time appeared |
Ibm
Ibm api Connect |
|
| Weaknesses | CWE-89 | |
| CPEs | cpe:2.3:a:ibm:api_connect:10.0.8.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:api_connect:10.0.8.9:*:*:*:*:*:*:* cpe:2.3:a:ibm:api_connect:12.1.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:api_connect:12.1.0.3:*:*:*:*:*:*:* |
|
| Vendors & Products |
Ibm
Ibm api Connect |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2026-07-08T15:50:07.403Z
Reserved: 2026-05-20T12:31:24.875Z
Link: CVE-2026-9074
Updated: 2026-07-08T15:49:58.136Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-08T17:45:03Z