CVE-2026-9610 IBM CVE debrief

Who should care

Organizations using IBM Datacap and Datacap Navigator versions 9.1.7, 9.1.8, and 9.1.9 should be aware of this vulnerability and take necessary steps to mitigate it. This vulnerability could potentially allow unauthorized access to sensitive resources or functionality. Defender priorities include verifying inventory, reviewing access controls, and implementing compensating controls.

Technical summary

The vulnerability exists due to IBM Datacap and Datacap Navigator exposing resources or functionality that is not linked in the UI but can be accessed directly via URL requests. This allows unauthorized access to resources or functionality, bypassing intended access controls. The affected products and versions are IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9. The CVSS score for this vulnerability is 2.3, indicating a low severity.

Defensive priority

Defenders should prioritize verifying inventory, reviewing access controls, and implementing compensating controls to mitigate this vulnerability.

Recommended defensive actions

• Verify inventory of IBM Datacap and Datacap Navigator installations
• Review access controls and implement compensating controls
• Monitor for suspicious activity
• Implement additional security measures to prevent unauthorized access
• Review and update incident response plans

Evidence notes

The CVE record and NVD detail provide information on the vulnerability, affected products, and CVSS score. The vendor advisory provides mitigation information.

Official resources