Remote Code Execution Vulnerability in IBM Engineering AI Hub
CVE-2026-15069

5.4MEDIUM

Key Information:

Vendor

IBM

Vendor
CVE Published:
17 July 2026

What is CVE-2026-15069?

IBM Engineering AI Hub versions 1.0.0, 1.1.0, and 1.2.0 are affected by a vulnerability that enables remote attackers to execute arbitrary script code. This issue arises from improper sanitization of user input during the web page generation process. If exploited, it could allow attackers to manipulate the server-side execution environment, potentially compromising the integrity and security of the application. It is crucial for users to apply necessary patches and updates as provided by IBM to safeguard their systems.

Affected Version(s)

Engineering AI Hub 1.0.0

Engineering AI Hub 1.1.0

Engineering AI Hub 1.2.0

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.