CVE-2026-8636
Analyzed
Analyzed - Analysis Complete
IBM Datacap Password and Key Exposure Vulnerability
Vulnerability report for CVE-2026-8636, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-06-22
Last updated on: 2026-06-26
Assigner: IBM Corporation
Description
Description
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys to decrypt password, gain access to the application and access sensitive data in the database.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | datacap | 9.1.7 |
| ibm | datacap_navigator | 9.1.7 |
| ibm | datacap_navigator | 9.1.8 |
| ibm | datacap_navigator | 9.1.9 |
| ibm | datacap | 9.1.8 |
| ibm | datacap | 9.1.9 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-316 | The product stores sensitive information in cleartext in memory. |