CVE-2026-1262
Received Received - Intake
Information Disclosure in IBM InfoSphere Information Server 11.7.x

Publication date: 2026-03-25

Last updated on: 2026-03-26

Assigner: IBM Corporation

Description
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-25
Last Modified
2026-03-26
Generated
2026-06-16
AI Q&A
2026-03-26
EPSS Evaluated
2026-06-15
NVD
CVE-2026-1262
EUVD
EUVD-2026-15980
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ibm infosphere_information_server From 11.7.0.0 (inc) to 11.7.1.6 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-209 The product generates an error message that includes sensitive information about its environment, users, or associated data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-1262 is an information disclosure vulnerability in IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6.

It is classified under CWE-209, which means it involves the generation of error messages that contain sensitive information.

The vulnerability can be exploited remotely over the network with low attack complexity and requires low privileges, without any user interaction.

The impact is limited to confidentiality, with no effect on integrity or availability.

Impact Analysis

This vulnerability can lead to the disclosure of sensitive information through error messages generated by the IBM InfoSphere Information Server.

Because the vulnerability can be exploited remotely with low privileges and no user interaction, attackers may gain access to confidential data without affecting system integrity or availability.

The actual impact depends on the specific environment and how sensitive the disclosed information is within that context.

Mitigation Strategies

To mitigate the CVE-2026-1262 vulnerability in IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6, you should apply the fixes provided in APARs DT458255 and DT459618.

Alternatively, upgrading to versions 11.7.1.0, 11.7.1.6, or applying the 11.7.1.6 Service Pack 2 will also address the vulnerability.

No workarounds or other mitigations are available, so applying these fixes or upgrades is the immediate recommended action.

Compliance Impact

The provided information does not specify how the CVE-2026-1262 vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1262. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart