Zero Day MonitorZDM

← Back to list

9.3

CVE-2026-1346PATCHED

ibm · verify identity access container

Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access

Description

IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a locally authenticated user to escalate their privileges to root due to execution with unnecessary privileges than required.

Affected Products

Vendor	Product	Versions
ibm	verify identity access container	11.0, 10.0, 11.0, 10.0

References

https://www.ibm.com/support/pages/node/7268253(vendor-advisory, patch)

Related News (1 articles)

Tier C

VulDB2d ago

CVE-2026-1346 | IBM Verify Identity Access Container unnecessary privileges

→ No new info (linked only)

CVSS 3.19.3 CRITICAL

VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

Patch available

https://www.ibm.com/support/pages/node/7268253

CWECWE-250

PublishedApr 8, 2026

Last enriched2d agov2

Trending Score25

Source articles1

Independent1

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-1343EXP

Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access

HIGHCVE-2026-3357EXP

IBM Langflow Desktop FAISS Vector Store Remote Code Execution via malicious Pickle file

Multiple vulnerabilities in IBM App Connect Enterprise allowing data manipulation and denial of service

MEDIUMCVE-2025-13333

IBM WebSphere Application Server 9.0, and 8.5 could provide weaker than expected security during system administration of security settings.

HIGHCVE-2026-4788

Multiple Vulnerabilities affect IBM Tivoli Netcool Impact

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 8, 2026

Discovered by ZDM

Apr 8, 2026

Updated: description

Apr 8, 2026

Patch Available

Apr 9, 2026

Version History

v2

Last enriched 2d ago

v2Tier C2d ago

Updated description with new details, marked exploit availability as false, and noted no patch available.

description

via VulDB

v12d ago

Initial creation