IBM Applinx
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in IBM Applinx.
By the Year
In 2026 there have been 6 vulnerabilities in IBM Applinx with an average score of 5.2 out of ten. Last year, in 2025 Applinx had 9 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Applinx in 2026 could surpass last years number. Last year, the average CVE base score was greater by 0.04
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 6 | 5.17 |
| 2025 | 9 | 5.21 |
It may take a day or so for new Applinx vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Applinx Security Vulnerabilities
IBM ApplinX 11.1 Server Architecture Info Disclosure
CVE-2025-36419
5.3 - Medium
- January 20, 2026
IBM ApplinX 11.1 could disclose sensitive information about server architecture that could aid in further attacks against the system.
Server-generated Error Message Containing Sensitive Information
IBM ApplinX 11.1 Priv Esc via JWT Bypass
CVE-2025-36418
7.3 - High
- January 20, 2026
IBM ApplinX 11.1 is vulnerable due to a privilege escalation vulnerability due to improper verification of JWT tokens. An attacker may be able to craft or modify a JSON web token in order to impersonate another user or to elevate their privileges.
Improper Verification of Cryptographic Signature
IBM ApplinX 11.1 CSRF Vulnerability Enables Unauthorized Actions
CVE-2025-36411
3.5 - Low
- January 20, 2026
IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
Session Riding
IBM ApplinX 11.1: Authenticated Admin Action Bypass in Server Enforcement
CVE-2025-36410
3.1 - Low
- January 20, 2026
IBM ApplinX 11.1 could allow an authenticated user to perform unauthorized administrative actions on the server due to server-side enforcement of client-side security.
Client-Side Enforcement of Server-Side Security
IBM ApplinX 11.1 XSS via Authenticated Web UI
CVE-2025-36409
5.4 - Medium
- January 20, 2026
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
XSS
Stored XSS in IBM ApplinX 11.1 Web UI
CVE-2025-36408
6.4 - Medium
- January 20, 2026
IBM ApplinX 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
XSS
IBM ApplinX 11.1 Sensitive Info Stored as Cleartext in Memory (CVE-2024-49800)
CVE-2024-49800
6.5 - Medium
- February 06, 2025
IBM ApplinX 11.1 stores sensitive information in cleartext in memory that could be obtained by an authenticated user.
Cleartext Storage of Sensitive Information
IBM ApplinX 11.1 Web UI XSS via Authenticated User
CVE-2024-49791
5.4 - Medium
- February 06, 2025
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
XSS
IBM ApplinX 11.1 Remote Information Disclosure via Detailed Error Message
CVE-2024-49798
4.3 - Medium
- February 06, 2025
IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
Generation of Error Message Containing Sensitive Information
IBM ApplinX 11.1 HSTS Misconfiguration Allows MITM Data Leakage
CVE-2024-49797
5.9 - Medium
- February 06, 2025
IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
Use of a Broken or Risky Cryptographic Algorithm
IBM ApplinX 11.1 clickhijack via remote click spoofing
CVE-2024-49796
5.4 - Medium
- February 06, 2025
IBM ApplinX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
Clickjacking
IBM ApplinX 11.1: XSRF Vulnerability Enables Unauthorized Actions
CVE-2024-49795
4.3 - Medium
- February 06, 2025
IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
Session Riding
IBM ApplinX 11.1 CSRF allows malicious actions
CVE-2024-49794
4.3 - Medium
- February 06, 2025
IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
Session Riding
IBM ApplinX 11.1 XSS via Authenticated JS Injection in Web UI
CVE-2024-49793
5.4 - Medium
- February 06, 2025
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
XSS
ApplinX 11.1 Authenticated XSS in Web UI
CVE-2024-49792
5.4 - Medium
- February 06, 2025
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Applinx or by IBM? Click the Watch button to subscribe.
