CVE-2026-8405— IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerability
Possible ATT&CK Techniques 1AI
T1530 · Data from Cloud StorageAffected Version Matrix 2
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Guardium Data Protection | 12.2.1≤ 4.4.7 Fix Pack 1 | affected |
12.2.2 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-8405
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" (LTR) can expose sensitive credentials in debug mode.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
信息暴露
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| IBM | Guardium Data Protection | 12.2.1 ~ 4.4.7 Fix Pack 1 | cpe:2.3:a:ibm:guardium_data_protection:12.2.1:*:*:*:*:*:*:* |
II. Public POCs for CVE-2026-8405
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-8405
请登录查看更多情报信息。
Other References for CVE-2026-8405 (1)
Same Patch Batch · IBM · 2026-05-27 · 29 CVEs total
| CVE-2026-7524 | 9.8 CRITICAL | Path Traversal Vulnerability in File Processing Components Allows Unauthorized File System |
| CVE-2026-8175 | 9.8 CRITICAL | Multiple vulnerabilities in Aspera applications. |
| CVE-2026-5065 | 8.8 HIGH | IBM Controller is affected by vulnerabilities |
| CVE-2026-8179 | 8.8 HIGH | Multiple vulnerabilities in Aspera applications. |
| CVE-2026-7365 | 8.4 HIGH | IBM Operations Analytics - Log Analysis is affected by Information disclosure due to defau |
| CVE-2026-3623 | 7.8 HIGH | Vulnerabilities exists in IBM Netezza Performance Server Replication Services |
| CVE-2026-3366 | 7.5 HIGH | InfoSphere Optim Test Data Fabrication is affected by Arbitrary File Read |
| CVE-2026-8180 | 7.5 HIGH | Multiple vulnerabilities in Aspera applications. |
| CVE-2024-56462 | 7.2 HIGH | IBM QRadar SIEM is vulnerable to using components with known vulnerabilities |
| CVE-2026-7528 | 7.1 HIGH | Unauthenticated File Upload Vulnerability Allows Disk Space Exhaustion and Path Disclosure |
| CVE-2026-1718 | 7.1 HIGH | IBM® Db2® is vulnerable to a denial of service with a specially crafted query when running |
| CVE-2026-9035 | 6.5 MEDIUM | Multiple vulnerabilities in Aspera applications. |
| CVE-2026-6938 | 6.5 MEDIUM | IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage |
| CVE-2026-6936 | 6.5 MEDIUM | IBM i is Affected by a Denial of Service Vulnerability [] |
| CVE-2026-6052 | 6.5 MEDIUM | IBM® Db2® is vulnerable to running out of memory when executing certain queries with MDC t |
| CVE-2026-3676 | 6.5 MEDIUM | There are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Man |
| CVE-2024-40684 | 5.9 MEDIUM | IBM Operations Analytics - Log Analysis is affected by Weak Password Policy and Inadequate |
| CVE-2026-6053 | 5.5 MEDIUM | IBM® Db2® is vulnerable to a denial of service when a specially crafted query is run with |
| CVE-2026-6051 | 5.5 MEDIUM | IBM® Db2® is vulnerable to a denial of service when executing a specially crafted query wi |
| CVE-2026-5515 | 5.5 MEDIUM | IBM App Connect Enterprise is vulnerable to a confidential disclosure |
Showing top 20 of 29 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Guardium Data Protection
- CVE-2026-1272
IBM Guardium Data Protection is affected by multiple vulnera - CVE-2026-1274
IBM Guardium Data Protection is affected by multiple vulnera - CVE-2026-4917
IBM Guardium Data Protection is affected by multiple vulnera - CVE-2026-4918
IBM Guardium Data Protection is affected by multiple vulnera - CVE-2026-4919
IBM Guardium Data Protection is affected by multiple vulnera
Same vendor: IBM
- CVE-2026-1248
IBM Business Automation Workflow information leak - CVE-2026-7876
Authentication bypass vulnerability found in Aspera High-Spe - CVE-2026-7365
IBM Operations Analytics - Log Analysis is affected by Infor - CVE-2024-56462
IBM QRadar SIEM is vulnerable to using components with known - CVE-2024-40684
IBM Operations Analytics - Log Analysis is affected by Weak
Same weakness: CWE-200
- CVE-2026-7526
PDF Embedder <= 4.9.3 - Authenticated (Contributor+) Informa - CVE-2026-42878
FacturaScripts: Unauthenticated phpinfo() Disclosure via Ins - CVE-2026-46427
Budibase: Snowflake private key returned unmasked from datas - CVE-2026-44460
FileRise: TOTP Bypass via Setup Endpoint Disclosing Existing - CVE-2026-24198
NVIDIA GPU Display Driver 信息泄露漏洞
V. Comments for CVE-2026-8405
No comments yet