Deserialization Vulnerability in API Gateway Server by Broadcom
CVE-2026-11815

5.3MEDIUM

Key Information:

Vendor

Broadcom

Vendor
CVE Published:
10 June 2026

What is CVE-2026-11815?

A vulnerability has been identified where an attacker can intercept and manipulate data traffic between a client application and the API Gateway server. This flaw permits the potential deserialization of arbitrary objects, which can compromise security constraints and might allow for remote code execution. Addressing this issue is critical to maintain the integrity of data and prevent unauthorized actions within the system.

Affected Version(s)

Layer 7 API Gateway 11.2.1

References

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

UWV
.