A vulnerability labeled as critical has been found in IBM Engineering Lifecycle Management up to 7.2.0. Impacted is an unknown function of the component XML Handler. The manipulation results in xml external entity reference.

This vulnerability is identified as CVE-2026-14979. The attack can be executed remotely. There is not any exploit available.