CVE-2026-9610
LowCVSS 2.3Exploitation Probability (EPSS)
Low risk9th percentile — higher than 9% of all known CVEs
Summary
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 expose resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, bypassing intended access controls.
Risk Assessment
The risk involves potential unauthorized access to hidden resources or functions, which could lead to data leakage or unauthorized actions within the system.
Recommendation
It is recommended to immediately update to the latest version of IBM Datacap and IBM Datacap Navigator and implement additional access control mechanisms such as multi-factor authentication and URL access auditing.
Original NVD description (English source)
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, bypassing intended access controls.

