PatchSiren cyber security CVE debrief
CVE-2026-11815 Broadcom CVE debrief
CVE-2026-11815 is a vulnerability that could lead to broken security expectations or remote code execution due to deserialization of untrusted data. An attacker who intercepts and tampers with traffic between the client application and the API Gateway server could potentially deserialize arbitrary objects.
- Vendor
- Broadcom
- Product
- Layer 7 API Gateway
- CVSS
- MEDIUM 5.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-10
- Original CVE updated
- 2026-06-10
- Advisory published
- 2026-06-10
- Advisory updated
- 2026-06-10
Who should care
Security teams and developers who work with API Gateway servers and client applications should be aware of this vulnerability.
Technical summary
The vulnerability has a CVSS score of 5.3 and a severity of MEDIUM. It was published on 2026-06-10T07:16:24.713Z and last modified on 2026-06-10T20:13:47.847Z.
Defensive priority
MEDIUM
Recommended defensive actions
- Review and update the API Gateway server and client application to prevent deserialization of untrusted data.
- Implement proper validation and sanitization of user input.
- Use secure communication protocols to prevent tampering with traffic.
Evidence notes
The vendor is currently listed as Unknown Vendor, but there is evidence suggesting the vendor may be Broadcom.
Official resources
-
CVE-2026-11815 CVE record
CVE.org
-
CVE-2026-11815 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-11815 was published on 2026-06-10T07:16:24.713Z and last modified on 2026-06-10T20:13:47.847Z.