CRITICALVulnerability
Verified
Global
NVD CRITICAL: CVE-2026-9074 — IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains...
·Source: NIST NVD
Updated:
Executive Summary
IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticated SQL injection vulnerability in the password reset functionality.
Analysis
IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticated SQL injection vulnerability in the password reset functionality. CVSS Score: 9.1. Published: 2026-07-08T16:16:35.050.