CVE Catalog

CVE-2026-9610

LowCVSS 2.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.19%

9th percentile — higher than 9% of all known CVEs

Summary

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 expose resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, bypassing intended access controls.

Risk Assessment

The risk involves potential unauthorized access to hidden resources or functions, which could lead to data leakage or unauthorized actions within the system.

Recommendation

It is recommended to immediately update to the latest version of IBM Datacap and IBM Datacap Navigator and implement additional access control mechanisms such as multi-factor authentication and URL access auditing.

Original NVD description (English source)

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, bypassing intended access controls.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS