CVE-2026-2606 | IBM webMethods API Gateway up to 10.11_Fix32/10.15_Fix27/11.1_Fix7 Endpoint /createapi path traversal

Inserito da Angelo Barbosa | Mar 4, 2026 | CVE

A vulnerability has been found in IBM webMethods API Gateway up to 10.11_Fix32/10.15_Fix27/11.1_Fix7 and classified as critical. Impacted is an unknown function of the file /createapi of the component Endpoint. The manipulation leads to path traversal.

This vulnerability is uniquely identified as CVE-2026-2606. The attack is possible to be carried out remotely. No exploit exists.

The affected component should be upgraded.

CVE-2026-2606 | IBM webMethods API Gateway up to 10.11_Fix32/10.15_Fix27/11.1_Fix7 Endpoint /createapi path traversal

Post correlati

CVE-2025-13057 | Campcodes School Fees Payment Management System 1.0 ajax.php?action=save_student ID sql injection

CVE-2024-21463 | Qualcomm Snapdragon Codec2 memory corruption

CVE-2024-39275 | Advantech ADAM-5630 up to 2.5.1 persistent cookies containing sensitive information (icsa-24-270-02)

CVE-2024-13866 | appsbd Simple Notification Plugin up to 1.3 on WordPress cross site scripting