Product
high
advisory
CVE-2026-3144 - IBM API Connect Default Credentials Vulnerability
1 TTP 1 CVEIBM API Connect versions 12.1.0.0 through 12.1.0.3 are vulnerable to unauthorized access due to the use of default credentials, allowing an attacker to gain initial access to the application before the system enforces a credential update.
API Connect +3
vulnerability-exploitation
default-credentials
ibm
api-connect
initial-access
1t
1c
critical
advisory
Unauthenticated SQL Injection in IBM API Connect (CVE-2026-9074)
1 rule 3 TTPs 1 CVEIBM API Connect versions 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 are vulnerable to an unauthenticated SQL injection (CVE-2026-9074) in the password reset functionality, potentially leading to unauthorized data access or authentication bypass.
API Connect +13
sql-injection
web-vulnerability
critical-vulnerability
api-management
1r
3t
1c