Is CVE-2026-3602 being exploited?

No public exploit is currently tracked.

How severe is CVE-2026-3602?

CVE-2026-3602 has a CVSS v3 severity of MEDIUM (4.7).

Back

CVE-2026-3602

Description

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7 is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of.