Vulnerability in Ibm Datacap
CVE-2026-9610
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, bypassing intended access controls.
CVSS v3 metric
CVSS v3 base score 2.3 (Low). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N.
Affected products
- Ibm Datacap — versions 9.1.7, 9.1.8, 9.1.9
- Ibm Datacap Navigator — versions 9.1.7, 9.1.8, 9.1.9
Weakness classification (CWE)
References
- psirt@us.ibm.com (vendor-advisory, patch)
Frequently asked questions
- What is CVE-2026-9610?
- CVE-2026-9610 is a low-severity vulnerability in Ibm Datacap, classified under Direct Request (Forced Browsing). CVSS score: 2.3/10. Published 2026-06-22.
- How severe is CVE-2026-9610?
- Low severity. CVSS v3 base score is 2.3 out of 10.