CVE-2026-13449
HIGH
NVD
CVSS Score
7.6
Severity
HIGH
Published
Jun 30, 2026
Vendor
unknown
Description
IBM Business Automation Manager Open Editions 9.0.0 through 9.4.2 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.