CVE-2026-8636
Last modified
CVE-2026-8636 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys to decrypt password, gain access to the application and access sensitive data in the database.. EPSS estimates a 0.08% chance of exploitation in the next 30 days.
Description
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys to decrypt password, gain access to the application and access sensitive data in the database.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Datacap | 9.1.7 |
| Ibm | Datacap | 9.1.8 |
| Ibm | Datacap | 9.1.9 |
| Ibm | Datacap Navigator | 9.1.7 |
| Ibm | Datacap Navigator | 9.1.8 |
| Ibm | Datacap Navigator | 9.1.9 |
References
- https://www.ibm.com/support/pages/node/7276609Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-8636?
How severe is CVE-2026-8636?
How do I fix CVE-2026-8636?
Are you affected by CVE-2026-8636?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST