wid-sec-w-2026-0895 · Published 2026-03-26 · View on BSI CERT-Bund ↗

IBM App Connect Enterprise: Multiple Vulnerabilities

CVSS 9.2 CRITICAL

Risk Summary

Ein Angreifer kann mehrere Schwachstellen in IBM App Connect Enterprise ausnutzen, um Dateien zu manipulieren, um einen Denial of Service Angriff durchzuführen, um beliebigen Programmcode auszuführen, und um einen Cross-Site Scripting Angriff durchzuführen.

CVEs (4)

CVE-2026-33230 CVE-2026-33231 CVE-2026-33236 CVE-2026-1615

Affected Vendors

IBM

Affected Products (6)

IBM · App Connect Enterprise <11.6.0

IBM · App Connect Enterprise 11.6.0

IBM · App Connect Enterprise <12.21.0

IBM · App Connect Enterprise 12.21.0

IBM · App Connect Enterprise LTS <12.0.22

IBM · App Connect Enterprise LTS 12.0.22

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more