Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%
Buy Us a Coffee

CVE-2026-8636— Multiple Vulnerabilities in IBM Datacap

CVSS 5.5 · Medium EPSS 0.08% · P0
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-8636

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Multiple Vulnerabilities in IBM Datacap
Source: NVD (National Vulnerability Database)
Vulnerability Description
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys to decrypt password, gain access to the application and access sensitive data in the database.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
在内存中的明文存储
Source: NVD (National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
IBMDatacap 9.1.7 ~ 1.8.4 cpe:2.3:a:ibm:datacap:9.1.7:*:*:*:*:*:*:*
IBMDatacap Navigator 9.1.7 ~ 8.2.1.0 cpe:2.3:a:ibm:datacap_navigator:9.1.7:*:*:*:*:*:*:*

II. Public POCs for CVE-2026-8636

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-8636

登录查看更多情报信息。

Other References for CVE-2026-8636 (1)

Same Patch Batch · IBM · 2026-06-22 · 21 CVEs total

CVE-2026-1056110.0 CRITICALUnauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Inj
CVE-2026-76649.8 CRITICALUnauthenticated Flow Execution via Webhook Endpoint in Langflow OSS
CVE-2026-126289.1 CRITICALHardcoded credential in the IBM Storage Protect Snapshot For Windows leads to unauthorized
CVE-2026-90728.1 HIGHWebSphere Application Server is Affected By Denial of Service, HTTP Request Smuggling, and
CVE-2026-90717.5 HIGHIBM WebSphere Application Server and WebSphere Application Server Liberty are affected by
CVE-2026-88587.5 HIGHWebSphere Application Server is Affected By Denial of Service, HTTP Request Smuggling, and
CVE-2026-90067.4 HIGHIBM WebSphere Application Server is affected by server-side request forgery
CVE-2026-86467.4 HIGHIBM WebSphere Application Server and WebSphere Application Server Liberty are affected by
CVE-2024-541786.5 MEDIUMMultiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud
CVE-2024-514546.5 MEDIUMIBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vuln
CVE-2026-80596.1 MEDIUMMultiple Vulnerabilities in IBM Datacap
CVE-2025-26696.0 MEDIUMMultiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud
CVE-2026-93205.9 MEDIUMIBM WebSphere Application Server and WebSphere Application Server Liberty are affected by
CVE-2026-108525.9 MEDIUMWebsphere Application Server is Affected By a Denial of Service in IBM WebSphere Applicati
CVE-2026-113725.4 MEDIUMIBM TRIRIGA Cross-Site Scripting Vulnerability
CVE-2025-331285.4 MEDIUMIBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vuln
CVE-2023-338545.3 MEDIUMMultiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud
CVE-2026-72535.3 MEDIUMIBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) i
CVE-2026-96102.3 LOWMultiple Vulnerabilities in IBM Datacap
CVE-2026-10845IBM WebSphere Application Server is affected by an authentication bypass vulnerability

IV. Related Vulnerabilities

Same product: Datacap
Same vendor: IBM
Same weakness: CWE-316

V. Comments for CVE-2026-8636

No comments yet

Leave a comment