CVE-2026-7770 | THREATINT

Description

IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions (ACS) is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator.

PUBLISHED Reserved 2026-05-04 | Published 2026-06-01 | Updated 2026-06-02 | Assigner ibm

HIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Product status

1.1.5.0 (semver)

affected

References

www.ibm.com/support/pages/node/7274214 vendor-advisory patch

cve.org (CVE-2026-7770)

nvd.nist.gov (CVE-2026-7770)

Download JSON