{"api_version":"1","generated_at":"2026-05-28T06:18:37+00:00","cve":"CVE-2026-4051","urls":{"html":"https://cve.report/CVE-2026-4051","api":"https://cve.report/api/cve/CVE-2026-4051.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-4051","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-4051"},"summary":{"title":"IBM Engineering Lifecycle Management - Jazz Foundation is vulnerable to Server Post-Auth Remote Code Execution","description":"IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privileges to execute remote code due to exposed method that is not properly restricted.","state":"PUBLISHED","assigner":"ibm","published_at":"2026-05-26 19:16:28","updated_at":"2026-05-27 15:41:55"},"problem_types":["CWE-749","CWE-749 CWE-749 Exposed Dangerous Method or Function"],"metrics":[{"version":"3.1","source":"psirt@us.ibm.com","type":"Secondary","score":"7.2","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"7.2","severity":"HIGH","vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"references":[{"url":"https://www.ibm.com/support/pages/node/7274077","name":"https://www.ibm.com/support/pages/node/7274077","refsource":"psirt@us.ibm.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-4051","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-4051","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"IBM","product":"Engineering Lifecycle Management","version":"affected 7.0.3 Interim Fix 021 semver","platforms":[]},{"source":"CNA","vendor":"IBM","product":"Engineering Lifecycle Management","version":"affected 7.1.0 Interim Fix 009 semver","platforms":[]},{"source":"CNA","vendor":"IBM","product":"Engineering Lifecycle Management","version":"affected 7.2.0 Interim Fix 001 semver","platforms":[]}],"timeline":[],"solutions":[{"source":"CNA","title":"","value":"IBM strongly recommends addressing the vulnerability now by upgrading to iFixes detailed below:\n\nAffected Product(s)Version(s)Remediation/Fix/Instructions\n\nIBM Engineering Lifecycle Management - Jazz Foundation\n\n7.0.3Download and install  iFix022 https://www.ibm.com/support/fixcentral/swg/downloadFixes \n\nIBM Engineering Lifecycle Management - Jazz Foundation\n\n7.1.0Download and install  iFix010 https://www.ibm.com/support/fixcentral/swg/downloadFixes \n\nIBM Engineering Lifecycle Management - Jazz Foundation\n\n7.2.0Download and install  iFix002 https://www.ibm.com/support/fixcentral/swg/downloadFixes","time":"","lang":"en"}],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix002","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix003","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix004","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix005","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix006","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix007","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix008","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix009","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix010","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix011","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix012","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix013","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix014","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix015","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix016","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix017","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix018","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix019","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix020","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.0.3","cpe7":"ifix021","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.1.0","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.1.0","cpe7":"ifix001","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.1.0","cpe7":"ifix002","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.1.0","cpe7":"ifix003","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.1.0","cpe7":"ifix004","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.1.0","cpe7":"ifix005","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.1.0","cpe7":"ifix006","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.1.0","cpe7":"ifix007","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.1.0","cpe7":"ifix008","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.1.0","cpe7":"ifix009","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.2.0","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"4051","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"engineering_lifecycle_management","cpe6":"7.2.0","cpe7":"ifix001","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"4051","cve":"CVE-2026-4051","epss":"0.000140000","percentile":"0.027930000","score_date":"2026-05-27","updated_at":"2026-05-28 00:02:12"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-4051","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-05-26T20:01:09.829546Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-05-27T10:43:47.346Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"cpes":["cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix021:*:*:*:*:*:*","cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:ifix009:*:*:*:*:*:*","cpe:2.3:a:ibm:engineering_lifecycle_management:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.2:ifix1:*:*:*:*:*:*"],"defaultStatus":"unaffected","product":"Engineering Lifecycle Management","vendor":"IBM","versions":[{"lessThanOrEqual":"Interim Fix 021","status":"affected","version":"7.0.3","versionType":"semver"},{"lessThanOrEqual":"Interim Fix 009","status":"affected","version":"7.1.0","versionType":"semver"},{"lessThanOrEqual":"Interim Fix 001","status":"affected","version":"7.2.0","versionType":"semver"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privileges to execute remote code due to exposed method that is not properly restricted.</p>"}],"value":"IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privileges to execute remote code due to exposed method that is not properly restricted."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-749","description":"CWE-749 Exposed Dangerous Method or Function","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-05-26T20:08:52.409Z","orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm"},"references":[{"tags":["vendor-advisory","patch"],"url":"https://www.ibm.com/support/pages/node/7274077"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>IBM strongly recommends addressing the vulnerability now by upgrading to iFixes detailed below:</p><div><table><tbody><tr><td><strong>Affected Product(s)</strong></td><td><strong>Version(s)</strong></td><td><strong>Remediation/Fix/Instructions</strong></td></tr><tr><td><p>IBM Engineering Lifecycle Management - Jazz Foundation</p></td><td>7.0.3</td><td>Download and install&nbsp;<a href=\"https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Engineering&amp;product=ibm/Rational/IBM+Engineering+Lifecycle+Management&amp;release=7.2&amp;platform=All&amp;function=fixId&amp;fixids=7.0.3-IBM-ELM-iFix022&amp;includeRequisites=0&amp;includeSupersedes=0&amp;downloadMethod=http\" rel=\"nofollow\">iFix022</a></td></tr><tr><td><p>IBM Engineering Lifecycle Management - Jazz Foundation</p></td><td>7.1.0</td><td>Download and install&nbsp;<a href=\"https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Engineering&amp;product=ibm/Rational/IBM+Engineering+Lifecycle+Management&amp;release=7.1&amp;platform=All&amp;function=fixId&amp;fixids=7.1-IBM-ELM-iFix010&amp;includeRequisites=0&amp;includeSupersedes=0&amp;downloadMethod=http&amp;login=true\" rel=\"nofollow\">iFix010</a></td></tr><tr><td><p>IBM Engineering Lifecycle Management - Jazz Foundation</p></td><td>7.2.0</td><td>Download and install&nbsp;<a href=\"https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Engineering&amp;product=ibm/Rational/IBM+Engineering+Lifecycle+Management&amp;release=7.2&amp;platform=All&amp;function=fixId&amp;fixids=7.2-IBM-ELM-iFix002&amp;includeRequisites=0&amp;includeSupersedes=0&amp;downloadMethod=http&amp;login=true\" rel=\"nofollow\">iFix002</a></td></tr></tbody></table></div><p></p>"}],"value":"IBM strongly recommends addressing the vulnerability now by upgrading to iFixes detailed below:\n\nAffected Product(s)Version(s)Remediation/Fix/Instructions\n\nIBM Engineering Lifecycle Management - Jazz Foundation\n\n7.0.3Download and install  iFix022 https://www.ibm.com/support/fixcentral/swg/downloadFixes \n\nIBM Engineering Lifecycle Management - Jazz Foundation\n\n7.1.0Download and install  iFix010 https://www.ibm.com/support/fixcentral/swg/downloadFixes \n\nIBM Engineering Lifecycle Management - Jazz Foundation\n\n7.2.0Download and install  iFix002 https://www.ibm.com/support/fixcentral/swg/downloadFixes"}],"source":{"discovery":"UNKNOWN"},"title":"IBM Engineering Lifecycle Management - Jazz Foundation is vulnerable to Server Post-Auth Remote Code Execution","x_generator":{"engine":"ibm-cvegen"}}},"cveMetadata":{"assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","assignerShortName":"ibm","cveId":"CVE-2026-4051","datePublished":"2026-05-26T18:12:43.303Z","dateReserved":"2026-03-12T14:25:02.970Z","dateUpdated":"2026-05-27T10:43:47.346Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-26 19:16:28","lastModifiedDate":"2026-05-27 15:41:55","problem_types":["CWE-749","CWE-749 CWE-749 Exposed Dangerous Method or Function"],"metrics":{"cvssMetricV31":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:-:*:*:*:*:*:*","matchCriteriaId":"BA0582EF-251B-4694-8B17-EC0F70F10801"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix002:*:*:*:*:*:*","matchCriteriaId":"209A6B2B-A3CE-4F5F-B1D0-36228625005D"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix003:*:*:*:*:*:*","matchCriteriaId":"8449CFAE-05C3-4212-AE0F-7B82E588D8A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix004:*:*:*:*:*:*","matchCriteriaId":"1C68C005-C09B-427B-9206-F1CA70F72EE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix005:*:*:*:*:*:*","matchCriteriaId":"D712BB02-8954-4F1A-9940-7E547342410B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix006:*:*:*:*:*:*","matchCriteriaId":"32B14BF7-43A6-4979-A3AD-369034486EFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix007:*:*:*:*:*:*","matchCriteriaId":"7DD02B82-C06B-4D2A-B8B8-633C8AE208EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix008:*:*:*:*:*:*","matchCriteriaId":"62D0DE8D-0986-4B04-972E-71053995C1CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix009:*:*:*:*:*:*","matchCriteriaId":"7F83533F-043F-4073-A883-27A2834D6130"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix010:*:*:*:*:*:*","matchCriteriaId":"34427171-70E0-474E-80DD-BDF46135CE4A"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix011:*:*:*:*:*:*","matchCriteriaId":"30B2FA43-5684-4A6B-9A5D-879E42C1A8B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix012:*:*:*:*:*:*","matchCriteriaId":"EA376C3C-8509-4342-A54B-A21F031BF6C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix013:*:*:*:*:*:*","matchCriteriaId":"4C7B4708-5BB9-4BB9-BEB4-8574F2872DA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix014:*:*:*:*:*:*","matchCriteriaId":"5B839BEE-17AB-4776-B5F5-443E07CC6A18"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix015:*:*:*:*:*:*","matchCriteriaId":"42093B36-DC7E-41D8-B846-A943DD576FDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix016:*:*:*:*:*:*","matchCriteriaId":"2795CBD8-0F0B-4347-8499-33062AC0ED80"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix017:*:*:*:*:*:*","matchCriteriaId":"39161861-4C6F-4F6C-961F-5FD142999AA8"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix018:*:*:*:*:*:*","matchCriteriaId":"82039467-E458-4F12-96EA-0AC014831851"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix019:*:*:*:*:*:*","matchCriteriaId":"A389A247-0816-44A7-B4AE-EF218BCE9BC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix020:*:*:*:*:*:*","matchCriteriaId":"5DE20864-F382-46DD-B21D-50907BA18A87"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:ifix021:*:*:*:*:*:*","matchCriteriaId":"D9EDBD1C-AE4E-40C7-93D3-D2C48B558F19"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:-:*:*:*:*:*:*","matchCriteriaId":"EA9D4742-2C27-4515-86D8-69A2C8EF2910"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:ifix001:*:*:*:*:*:*","matchCriteriaId":"6BE1B8B4-40CB-4B72-B71B-D321B0CD4CAA"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:ifix002:*:*:*:*:*:*","matchCriteriaId":"05AE7D18-38B4-4326-9A48-7B1BB4C72EC7"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:ifix003:*:*:*:*:*:*","matchCriteriaId":"15181084-D833-4777-836C-8E0CCE53342F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:ifix004:*:*:*:*:*:*","matchCriteriaId":"FDBAD00C-2DD4-4A13-B89E-55940B1598CB"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:ifix005:*:*:*:*:*:*","matchCriteriaId":"24EAD89C-B98C-41A4-B6AF-FB9550392395"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:ifix006:*:*:*:*:*:*","matchCriteriaId":"3AADA4BD-ADB2-4500-9AE6-AB6C0DF7DC84"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:ifix007:*:*:*:*:*:*","matchCriteriaId":"EE8F634A-2DA7-4772-AB14-472AE31C9ECD"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:ifix008:*:*:*:*:*:*","matchCriteriaId":"63A75D7F-6124-4AA5-8057-B6DBB2BFE7B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:ifix009:*:*:*:*:*:*","matchCriteriaId":"1AEB66B1-1C3E-4510-A019-0DB791AEC72C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.2.0:-:*:*:*:*:*:*","matchCriteriaId":"B08E3BAA-0C9E-487E-954C-7561D1E4E482"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:engineering_lifecycle_management:7.2.0:ifix001:*:*:*:*:*:*","matchCriteriaId":"AACF7171-A3EA-43E8-97AA-09269AB083CB"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"4051","Ordinal":"1","Title":"IBM Engineering Lifecycle Management - Jazz Foundation is vulner","CVE":"CVE-2026-4051","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"4051","Ordinal":"1","NoteData":"IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privileges to execute remote code due to exposed method that is not properly restricted.","Type":"Description","Title":"IBM Engineering Lifecycle Management - Jazz Foundation is vulner"}]}}}