Improper Input Validation in IBM Verify Identity Access and Security Verify Access Containers
CVE-2026-1345

7.3HIGH

Key Information:

Vendor: IBM
Status: Verify Identity Access Container; Security Verify Access Container; Verify Identity Access; Security Verify Access
Vendor: CVE Published:; 1 April 2026

What is CVE-2026-1345?

IBM Verify Identity Access and Security Verify Access are susceptible to a vulnerability that arises from improper validation of user-supplied input. This flaw may allow an unauthenticated user to execute arbitrary commands on the system with reduced user privileges, posing a significant risk to the integrity and security of affected installations. The issue is present in various versions of the Verify Identity Access and Security Verify Access Containers, underscoring the importance of timely updates and vigilant security practices.

Affected Version(s)

Security Verify Access 10.0 <= 10.0.9.1

Security Verify Access Container 10.0 <= 10.0.9.1

Verify Identity Access 11.0 <= 11.0.2

References

https://www.ibm.com/support/pages/node/7268253

vendor-advisorypatch

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 1, 2026
Vulnerability Reserved
Jan 22, 2026

CVE-2026-1345 Data

JSON