CVE-2026-1265
Received Received - Intake
Sensitive Information Exposure in IBM InfoSphere Logs

Publication date: 2026-03-03

Last updated on: 2026-03-04

Assigner: IBM Corporation

Description
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to writing of sensitive Information in a log file.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-03
Last Modified
2026-03-04
Generated
2026-06-16
AI Q&A
2026-03-03
EPSS Evaluated
2026-06-15
NVD
CVE-2026-1265
EUVD
EUVD-2026-9313
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ibm infosphere_information_server From 11.7 (inc) to 11.7.1.6 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-532 The product writes sensitive information to a log file.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-1265 is a vulnerability in IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 where sensitive information is improperly written into log files.

This issue is classified under CWE-532, which involves the insertion of sensitive information into log files, potentially exposing confidential data.

The vulnerability can be exploited remotely over the network with low attack complexity and requires low privileges, but no user interaction is needed.

Impact Analysis

The vulnerability can lead to the exposure of sensitive information through log files, which may be accessed by unauthorized users.

Although the confidentiality impact is rated as low, this exposure could still result in information leakage that might be exploited in further attacks or cause privacy concerns.

The vulnerability does not affect the integrity or availability of the system.

Compliance Impact

I don't know

Detection Guidance

There is no specific information provided about detection methods or commands to identify this vulnerability on your network or system.

Mitigation Strategies

To mitigate this vulnerability, you should apply IBM InfoSphere Information Server updates to versions 11.7.1.0 or 11.7.1.6, or apply the relevant security patch identified by APAR DT457493.

No workarounds or alternative mitigations are provided, so applying the official updates or patches is the recommended immediate step.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1265. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart