Hard-coded Credential Vulnerability in IBM Controller Products
CVE-2026-5065

8.8HIGH

Key Information:

Vendor: IBM
Status: Controller
Vendor: CVE Published:; 27 May 2026

What is CVE-2026-5065?

IBM Controller versions 11.0.1, 11.1.0, 11.1.1, and 11.1.2 include hard-coded credentials, affecting inbound authentication and outbound communications. This flaw can potentially allow unauthorized access and compromise sensitive internal data. Organizations using these versions should prioritize security assessments and apply necessary patches to mitigate risks associated with this vulnerability.

Affected Version(s)

Controller 11.0.1 <= 26.0.0.5

Controller 11.1.0

Controller 11.1.1

References

https://www.ibm.com/support/pages/node/7273004

vendor-advisorypatch

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 27, 2026
Vulnerability Reserved
Mar 27, 2026

CVE-2026-5065 Data

JSON