Cross-Origin Resource Sharing Vulnerability in IBM DevOps Deploy Products
CVE-2026-12084

5.4MEDIUM

Key Information:

Vendor: IBM
Status: Ucd - IBM Devops Deploy
Vendor: CVE Published:; 30 June 2026

What is CVE-2026-12084?

IBM DevOps Deploy versions 8.1 up to 8.1.2.6, and 8.2 up to 8.2.1.0 include a vulnerability related to Cross-Origin Resource Sharing (CORS). This security issue arises because the application does not properly restrict the domain names that are allowed to make cross-origin requests. As a result, an attacker could exploit this weakness to perform unauthorized actions or access sensitive information from the application, potentially leading to data breaches or compromise of user privacy. Regular updates and strict domain whitelisting are recommended to mitigate this risk.

Affected Version(s)

UCD - IBM DevOps Deploy 8.1.0 <= 8.1.2.6

UCD - IBM DevOps Deploy 8.2.0 <= 8.2.1.0

References

https://www.ibm.com/support/pages/node/7277575

vendor-advisorypatch

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 30, 2026
Vulnerability Reserved
Jun 12, 2026

CVE-2026-12084 Data

JSON