What is CVE-2026-6936?

CVE-2026-6936 is a medium-severity vulnerability in Ibm I, classified under Uncontrolled Recursion. CVSS score: 6.5/10. Published 2026-05-27.

How severe is CVE-2026-6936?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Ibm I

CVE-2026-6936

IBM i 7.6, 7.5, 7.4, and 7.3 s vulnerable to a denial-of-service attack due to uncontrolled recursion in the Integrated Language Environment (ILE) compiler. An authenticated attacker could exploit this vulnerability by compiling specially…

EPSS: 0.000 (14.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Affected products

Ibm I — versions 7.6, 7.5, 7.4

Weakness classification (CWE)

CWE-674 — Uncontrolled Recursion

References

psirt@us.ibm.com (vendor-advisory, patch, Vendor Advisory)

Frequently asked questions

What is CVE-2026-6936?: CVE-2026-6936 is a medium-severity vulnerability in Ibm I, classified under Uncontrolled Recursion. CVSS score: 6.5/10. Published 2026-05-27.
How severe is CVE-2026-6936?: Medium severity. CVSS v3 base score is 6.5 out of 10.