IBM MQ 9.x LTS Vulnerable Until 9.1.0.33,9.2.0.40,9.3.0.36,9.4.0.17
CVE-2026-1713 Published on March 3, 2026
IBM MQ is affected by an authority vulnerablility
IBM MQ 9.1.0.0 through 9.1.0.33 LTS, 9.2.0.0 through 9.2.0.40 LTS, 9.3.0.0 through 9.3.0.36 LTS, 9.30.0 through 9.3.5.1 CD, 9.4.0.0 through 9.4.0.17 LTS, and 9.4.0.0 through 9.4.4.1 CD
Vulnerability Analysis
CVE-2026-1713 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.
Weakness Type
Authentication Bypass by Primary Weakness
The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error.
Products Associated with CVE-2026-1713
Want to know whenever a new CVE is published for IBM Mq? stack.watch will email you.
Affected Versions
IBM MQ:- Version 9.1.0.0, <= 9.1.0.33 LTS is affected.
- Version 9.2.0.0, <= 9.2.0.40 LTS is affected.
- Version 9.3.0.0, <= 9.3.0.36 LTS is affected.
- Version 9.30.0, <= 9.3.5.1 CD is affected.
- Version 9.4.0.0, <= 9.4.0.17 LTS is affected.
- Version 9.4.0.0, <= 9.4.4.1 CD is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.