What the vulnerability does
01Description
IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls.
CVE-2026-0977
MEDIUM
CVE-2026-0977: IBM CICS Transaction Gateway for Multiplatforms Information Disclosure
CVSS base score
5.1/10
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Key dates
02Disclosure timeline
March 13, 2026
CVE published
March 16, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-47993 Microsoft PC Manager Elevation of Privilege Vulnerability
CVE-2023-0998 SourceCodester Alphaware Simple E-Commerce System Payment summary.php access control
CVE-2026-3429 Org.keycloak.services.resources.account: improper access control leading to mfa deletion and account takeover in keycloak account rest api
CVE-2023-45844
CVE-2024-0370 Views for WPForms <= 3.2.2 - Missing Authorization via save_view
