CVE-2026-3660CRITICAL 9.8EPSS p40.4%

CVE-2026-3660CVE-2026-3660

Description

IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an unauthenticated remote attacker to update server property files that would allow them to gain unauthorized access to the application.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.53% probability of exploitation · percentile 40.4% · 2026-06-19T12:03:05Z
Published2026-05-26
Last modified2026-05-26

Underlying weaknesses· 1

CWE-863

References

  1. https://www.ibm.com/support/pages/node/7274079

1

TypeTargetConfidenceTier
WeaknessIncorrect Authorizationcwe-8630%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-36157
CVE
CVE-2026-3603
CVE
CVE-2026-7365
CVE
CVE-2025-36361
CVE
CVE-2026-4101
CVE
CVE-2026-8633
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.