CVE-2026-1264 IBM — Exploit & Vulnerability Details HIGH

CVE-2026-1264

HIGH CVSS 3.1: 7.1 EPSS 0.02%

Parameter	Value
CVSS	7.1 (HIGH)
Type	CWE-306 (Missing Authentication for Critical Function)
Vendor	IBM
Public PoC	No

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through 6.2.1.1_1, and 6.2.2.0 allows a remote unauthenticated attacker to view and delete the partners of a community and to delete the communities.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Privileges Required

Low

Basic privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

Low

Partial data leak

Integrity

High

Complete data modification

Availability

None

No disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-306 Missing Authentication for Critical Function

References 1

https://www.ibm.com/support/pages/node/7266518

psirt@us.ibm.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-1276

IBM

5.4

CVE-2025-36051

IBM

6.2

CVE-2025-15051

IBM

5.4

CVE-2025-13995

IBM

5.0

CVE-2026-3856

IBM

5.3

Menu

CVE-2026-1264

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-1276

CVE-2025-36051

CVE-2025-15051

CVE-2025-13995

CVE-2026-3856

CVE Details

Editor's Choice

Menu

CVE-2026-1264

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-1276

CVE-2025-36051

CVE-2025-15051

CVE-2025-13995

CVE-2026-3856

CVE Details

Editor's Choice

Stay informed on cybersecurity