HarborGuard / CVE
Back to search
HIGHCVE-2026-3912Published Modified CNA tibco

CVE-2026-3912: TIBCO ActiveMatrix BusinessWorks Injection Vulnerability

Injection vulnerabilities due to validation/sanitisation of user-supplied input in ActiveMatrix BusinessWorks and Enterprise Administrator allows information disclosure, including exposure of accessible local files and host system details, and may allow manipulation of application behaviour.

Metrics

CVSS v4.0
8.7
Severity
HIGH
Fixed in
HF1
Affected Products
2

Fix available

HF1HF2HF4HF6HF8
Affected packages
  • Tibco / ActiveMatrix BusinessWorks
    < HF1 (from 6.12.0) · < HF4 (from 6.11.0) · < HF6 (from 6.10.0) · < HF8 (from 6.9.1)
  • Tibco / Enterprise Administrator
    < HF2 (from 2.4.3)
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
References