Malicious Scripting Vulnerability in IBM Verify Identity and Security Access Products
CVE-2026-1342

8.5HIGH

Key Information:

Vendor: IBM
Status: Verify Identity Access Container; Security Verify Access Container; Verify Identity Access; Security Verify Access
Vendor: CVE Published:; 7 April 2026

What is CVE-2026-1342?

A vulnerability exists within IBM Verify Identity Access and IBM Security Verify Access products, which allows a locally authenticated user to execute potentially harmful scripts outside their designated permissions. This security flaw affects specific versions of the software and emphasizes the necessity for users to apply the latest security updates to mitigate the risk of unauthorized actions that could compromise the system.

Affected Version(s)

Security Verify Access 10.0 <= 10.0.9.1

Security Verify Access Container 10.0 <= 10.0.9.1

Verify Identity Access 11.0 <= 11.0.2

References

https://www.ibm.com/support/pages/node/7268253

vendor-advisorypatch

CVSS V3.1

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 7, 2026
Vulnerability Reserved
Jan 22, 2026

CVE-2026-1342 Data

JSON