CVE-2026-15091

Summary

IBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to execute arbitrary scripts due to improper neutralization of input during web page generation.

Affected Software

VendorProductVersion RangeStatus
IBMEngineering AI Hub1.0.0affected
IBMEngineering AI Hub1.1.0affected
IBMEngineering AI Hub1.2.0affected

Weaknesses

  • CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

References