PatchSiren cyber security CVE debrief
CVE-2026-7870 IBM CVE debrief
CVE-2026-7870 is a high-severity vulnerability in IBM i 7.6, 7.5, 7.4, and 7.3 that allows a user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. The vulnerability has a CVSS score of 8.8 and is classified as HIGH.
- Vendor
- IBM
- Product
- i
- CVSS
- HIGH 8.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-11
- Original CVE updated
- 2026-06-11
- Advisory published
- 2026-06-11
- Advisory updated
- 2026-06-11
Who should care
Users of IBM i 7.6, 7.5, 7.4, and 7.3 should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
The vulnerability is caused by an unqualified library call in IBM i 7.6, 7.5, 7.4, and 7.3, which allows a user to gain elevated privileges. The vulnerability is classified under CWE-427.
Defensive priority
high
Recommended defensive actions
- Apply patches or updates provided by IBM to fix the vulnerability.
- Review and update system configurations to prevent exploitation.
Evidence notes
The vulnerability is documented in the CVE record [cve-org] and the NVD detail page [nvd]. IBM has also provided a support page [ref-4] for this issue.
Official resources
-
CVE-2026-7870 CVE record
CVE.org
-
CVE-2026-7870 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2026-7870 was published on 2026-06-11T16:16:25.220Z and modified on 2026-06-11T20:56:29.653Z.