CVE-2026-2606 | IBM webMethods API Gateway up to 10.11_Fix32/10.15_Fix27/11.1_Fix7 Endpoint /createapi path traversal

Inserito da Angelo Barbosa | Mar 4, 2026 | CVE

A vulnerability has been found in IBM webMethods API Gateway up to 10.11_Fix32/10.15_Fix27/11.1_Fix7 and classified as critical. Impacted is an unknown function of the file /createapi of the component Endpoint. The manipulation leads to path traversal.

This vulnerability is uniquely identified as CVE-2026-2606. The attack is possible to be carried out remotely. No exploit exists.

The affected component should be upgraded.

CVE-2026-2606 | IBM webMethods API Gateway up to 10.11_Fix32/10.15_Fix27/11.1_Fix7 Endpoint /createapi path traversal

Post correlati

CVE-2024-12538 | binsaifullah Duplicate Post, Page and Any Custom Post plugin up to 3.5.3 on WordPress Password Protected Post dpp_duplicate_as_draft information disclosure

CVE-2024-6972 | Octopus Server prior 2024.1.12759/2024.2.9193 sensitive log file

CVE-2024-26787 | Linux Kernel up to 5.10.212/5.15.151/6.1.80/6.6.20/6.7.8 kernel/dma/debug.c mmci_cmd_irq memory corruption

CVE-2026-1481 | Quatuor Evaluación de Desempeño evaluacion_objetivos_anyo_sig_ver_auto.aspx Id_usuario sql injection