wid-sec-w-2026-1654 · Published 2026-05-21 · View on BSI CERT-Bund ↗

IBM App Connect Enterprise: Multiple Vulnerabilities

CVSS N/A NONE

Risk Summary

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM App Connect Enterprise ausnutzen, um beliebigen Programmcode auszuführen, Daten zu manipulieren, Cross-Site-Scripting-Angriffe durchzuführen, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand auszulösen.

CVEs (10)

CVE-2021-23337 CVE-2026-27141 CVE-2026-4800 CVE-2026-33750 CVE-2026-40186 CVE-2026-40895 CVE-2026-41305 CVE-2026-41650 CVE-2026-42264 CVE-2026-41242

Affected Vendors

IBM

Affected Products (8)

IBM · App Connect Enterprise Certified Container <13.1.0

IBM · App Connect Enterprise Certified Container 13.1.0

IBM · App Connect Enterprise Certified Container <12.0.24

IBM · App Connect Enterprise Certified Container 12.0.24

IBM · App Connect Enterprise Certified Container <13.0.7.2

IBM · App Connect Enterprise Certified Container 13.0.7.2

IBM · App Connect Enterprise Certified Container <12.0.12.26

IBM · App Connect Enterprise Certified Container 12.0.12.26

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more