← back
CVE-2026-1567

IBM InfoSphere Information Server is affected by an XML external entity injection (XXE) vulnerability

CVSS 7.1 HIGHEPSS 0.3%CWE-611
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.1EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
03 Mar 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 An XML External Entity (XXE) vulnerability in IBM InfoSphere Information Server could allow attackers to retrieve sensitive information from the server.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
Affected products
IBM · InfoSphere Information Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.ibm.com/support/pages/node/7259630