Injection Vulnerability in TIBCO ActiveMatrix BusinessWorks and Enterprise Administrator
CVE-2026-3912

8.7HIGH

Key Information:

Vendor: Tibco
Status: Activematrix Businessworks; Enterprise Administrator
Vendor: CVE Published:; 24 March 2026

What is CVE-2026-3912?

The identified vulnerabilities in TIBCO's ActiveMatrix BusinessWorks and Enterprise Administrator stem from improper validation and sanitization of user-supplied input. This flaw can lead to significant security risks, including unauthorized information disclosure that may reveal sensitive local file data and details about the host system. Furthermore, it could enable an attacker to manipulate the application behavior, posing a threat to data integrity and operational stability. Organizations using these TIBCO products should review their security measures and apply necessary updates as highlighted in the referenced advisory.

Affected Version(s)

ActiveMatrix BusinessWorks 6.12.0

ActiveMatrix BusinessWorks 6.11.0

ActiveMatrix BusinessWorks 6.10.0

References

https://community.tibco.com/advisories/tibco-security-adv...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 24, 2026
Vulnerability Reserved
Mar 11, 2026

CVE-2026-3912 Data

JSON

Tibco

What is CVE-2026-3912?

Affected Version(s)

References

CVSS V4

Timeline