CVE-2026-2311

· NIST NVD ↗

IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 s vulnerable to privilege escalation caused by an invalid IBM i Web Administration GUI authorization check.  A malicious actor could cause user-controlled code to run with administrator privilege.

MEDIUM
CVSS severity
6.4
CVSS base score
2026-04-30
Published

CWE codes

CWE-284

Affected products

ibm:i

Sources