Zero Day MonitorZDM

← Back to list

7.2

CVE-2026-1343EXPLOITEDPATCHED

ibm · security_verify_access

Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access

Description

IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 allows an attacker to contact internal authentication endpoints which are protected by the Reverse Proxy.

Affected Products

Vendor	Product	Versions
ibm	security_verify_access	11.0, 10.0, 11.0, 10.0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
ibm	verify_identity_access_container	cve_cpe	95%
ibm	verify_identity_access	cve_cpe	95%
ibm	security_verify_access_container	cve_cpe	95%

References

https://www.ibm.com/support/pages/node/7268253(vendor-advisory, patch)

Related News (1 articles)

Tier C

VulDB2d ago

CVE-2026-1343 | IBM Verify Identity Access Container server-side request forgery

→ No new info (linked only)

CVSS 3.17.2 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

https://www.ibm.com/support/pages/node/7268253

CWECWE-918

PublishedApr 8, 2026

Last enriched2d agov2

Trending Score39

Source articles1

Independent1

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-3357EXP

IBM Langflow Desktop FAISS Vector Store Remote Code Execution via malicious Pickle file

Multiple vulnerabilities in IBM App Connect Enterprise allowing data manipulation and denial of service

CRITICALCVE-2026-1346

Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access

MEDIUMCVE-2025-13333

IBM WebSphere Application Server 9.0, and 8.5 could provide weaker than expected security during system administration of security settings.

HIGHCVE-2026-4788

Multiple Vulnerabilities affect IBM Tivoli Netcool Impact

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 8, 2026

Discovered by ZDM

Apr 8, 2026

Updated: severity, activelyExploited

Apr 8, 2026

Actively Exploited

Apr 8, 2026

Patch Available

Apr 8, 2026

Version History

v2

Last enriched 2d ago

v2Tier C2d ago

Updated severity to CRITICAL, marked as actively exploited, and noted that no exploit is available.

severityactivelyExploited

via VulDB

v12d ago

Initial creation