CVE-2025-13491

IBM App Connect Enterprise Certified Container up to 12.19.0 (Continuous Delivery) and 12.0 LTS (Long Term Support) could allow an attacker to access sensitive files or modify configurations due to an untrusted search path.

CVSS v3 5.1 MEDIUM

5.1^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 2.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.ibm.com/support/pages/node/7259746

Configurations

No configuration.

History

05 Feb 2026, 14:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-05 14:16

Updated : 2026-02-05 14:57

NVD link : CVE-2025-13491

Mitre link : CVE-2025-13491

CVE.ORG link : CVE-2025-13491

JSON object : View

Products Affected

No product.

CWE

CWE-426

Untrusted Search Path

5.1 /10