CRITICALVulnerability
Verified
Global

NVD CRITICAL: CVE-2026-9074 — IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains...

·Source: NIST NVD

Updated:

Executive Summary

IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticated SQL injection vulnerability in the password reset functionality.

Analysis

IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticated SQL injection vulnerability in the password reset functionality. CVSS Score: 9.1. Published: 2026-07-08T16:16:35.050.

Indicators of Compromise (5)

Source Attribution

Originally published by NIST NVD on Jul 8, 2026. Verified by: NIST.

Related Threats