Skip to main content

IBM Datacap CVE-2026-8636

| EUVDEUVD-2026-38283 HIGH
Cleartext Storage of Sensitive Information in Memory (CWE-316)
2026-06-22 ibm GHSA-xfpj-q55p-7h2m
7.5
CVSS 3.1 · NVD
Share

Severity by source

Vendor (ibm) PRIMARY
MEDIUM
qualitative
NVD
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
5.5 MEDIUM

Reading cleartext secrets from process memory realistically needs local, low-privileged host access (AV:L, PR:L); impact is confidentiality-only (C:H, I:N, A:N) with no scope change.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (ibm).

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

6
Analysis Updated
Jun 26, 2026 - 21:29 vuln.today
v3 (cvss_changed)
Analysis Updated
Jun 26, 2026 - 21:29 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Jun 26, 2026 - 21:22 vuln.today
cvss_changed
Severity Changed
Jun 26, 2026 - 21:22 NVD
MEDIUM HIGH
CVSS changed
Jun 26, 2026 - 21:22 NVD
5.5 (MEDIUM) 7.5 (HIGH)
Analysis Generated
Jun 22, 2026 - 16:07 vuln.today

DescriptionNVD

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys to decrypt password, gain access to the application and access sensitive data in the database.

AnalysisAI

Sensitive-data disclosure in IBM Datacap and Datacap Navigator (versions 9.1.7, 9.1.8, 9.1.9) lets an attacker recover user passwords and cryptographic keys that the application holds in cleartext in memory; the recovered keys can then decrypt stored credentials, authenticate to the application, and reach sensitive data in the backing database. IBM has released a patch. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain access to Datacap host/process
Delivery
Read process memory
Exploit
Extract cleartext passwords and crypto key
Execution
Decrypt stored credential store
Persist
Authenticate to application
Impact
Access sensitive database data

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to be able to read the memory of the running IBM Datacap / Datacap Navigator process where passwords and the cryptographic key are held in cleartext (CWE-316); recovering the key is the prerequisite that then enables decrypting stored passwords, authenticating to the application, and reaching the database. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Signals here conflict and should be read carefully. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who can read the Datacap process memory (e.g., a local or low-privileged user on the application host, or via a separate foothold) dumps the running process, extracts the cleartext passwords and the cryptographic key, then uses that key to decrypt the stored credential store. With valid application credentials they log in and query the backend database for sensitive captured documents and data. …
Remediation Apply the IBM-released fix per the vendor advisory at https://www.ibm.com/support/pages/node/7276609 (Patch available per vendor advisory; the advisory enumerates the fixed fix-pack levels above the vulnerable 9.1.7 ≤1.8.4 and Navigator 9.1.7 ≤8.2.1.0 builds - confirm the exact target build from that page rather than an assumed version number). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: identify and inventory all IBM Datacap and Datacap Navigator deployments; confirm which are running versions 9.1.7, 9.1.8, or 9.1.9. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2024-39736 CRITICAL
9.8 Jul 15

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper v

CVE-2024-39731 HIGH
7.5 Jul 15

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected cryptographic algorithms that coul

CVE-2024-39732 HIGH
7.5 Jul 14

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that cou

CVE-2026-8059 MEDIUM
6.1 Jun 22

Cross-site scripting in IBM Datacap and Datacap Navigator 9.1.7 through 9.1.9 allows unauthenticated remote attackers to

CVE-2024-39733 MEDIUM
5.5 Jul 14

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain clear text which can be rea

CVE-2024-39730 MEDIUM
5.4 Jun 28

IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim.

CVE-2025-36027 MEDIUM
5.4 Jun 28

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By pe

CVE-2024-39735 MEDIUM
5.4 Jul 15

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. Rated medium severity

CVE-2024-39728 MEDIUM
5.4 Jul 15

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting. Rated medium s

CVE-2026-9610 MEDIUM
5.3 Jun 22

Forced browsing exposure in IBM Datacap and IBM Datacap Navigator 9.1.7 through 9.1.9 allows a highly privileged local u

CVE-2024-39741 MEDIUM
5.3 Jul 15

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to traverse directories on the

CVE-2024-39740 MEDIUM
5.3 Jul 15

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP requests that could all

Share

CVE-2026-8636 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy