CVE-2026-1346 - Vulnerability Analysis
CriticalCVSS: 9.3Last Updated: April 8, 2026
IBM Verify Identity Access Container & Security Verify Access - Privilege Escalation
Published: April 8, 2026Updated: April 8, 2026
Overview
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 contain a privilege escalation caused by execution with unnecessary privileges, letting locally authenticated users escalate to root, exploit requires local authentication.
Severity & Score
Severity: Critical
CVSS Score: 9.3
Impact
Locally authenticated users can escalate privileges to root, leading to full system control.
Mitigation
Update to versions later than 11.0.2 for Verify Identity Access Container and later than 10.0.9.1 for Security Verify Access or latest available versions.
Related Resources
Details
- CVE ID
- CVE-2026-1346
- Severity
- Critical
- CVSS Score
- 9.3
- Type
- broken_access_control
- Status
- new
CWE
- CWE-250
CVSS Metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H