IBM App Connect Operator
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in IBM App Connect Operator.
By the Year
In 2026 there have been 2 vulnerabilities in IBM App Connect Operator with an average score of 5.5 out of ten. Last year, in 2025 App Connect Operator had 1 security vulnerability published. That is, 1 more vulnerability have already been reported in 2026 as compared to last year. Last year, the average CVE base score was greater by 1.00
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 5.50 |
| 2025 | 1 | 6.50 |
It may take a day or so for new App Connect Operator vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM App Connect Operator Security Vulnerabilities
IBM App Connect Cert Container Cleartext MITM Vulnerability CD 11.3.0-12.20.0, LTS 12.0.0-12.0.20
CVE-2025-13490
5.9 - Medium
- March 03, 2026
IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2r1 through 12.0.12.5r1 and 13.0.1.0r1 through 13.0.6.1r1, and LTS versions 12.0.12r1 through 12.0.12r20, contain a vulnerability in which the IBM App Connect Enterprise Certified Container transmits data in clear text, potentially allowing an attacker to intercept and obtain sensitive information through maninthemiddle techniques.
Cleartext Transmission of Sensitive Information
IBM App Connect CE Container Untrusted Search Path Enables Sens Access (12.19)
CVE-2025-13491
5.1 - Medium
- February 05, 2026
IBM App Connect Enterprise Certified Container CD: 11.2.0 through 11.6.0, 12.1.0 through 12.19.0 and 12.0 LTS: 12.0.0 through 12.0.19 could allow an attacker to access sensitive files or modify configurations due to an untrusted search path.
Untrusted Path
IBM App Connect Certified Container 7.2-12.8 DoS via Server Input Validation
CVE-2024-52362
6.5 - Medium
- March 12, 2025
IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input.
Improper Validation of Syntactic Correctness of Input
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM App Connect Operator or by IBM? Click the Watch button to subscribe.
