API Connect — Vulnerabilities & Security Advisories 77

All 77 CVE vulnerabilities found in API Connect, with AI-generated Chinese analysis, references, and POCs.

This page documents known security vulnerabilities associated with IBM API Connect, categorizing weaknesses by common platform classifications and industry-standard tags. The collection aggregates vulnerability data spanning from 2018 through the present, capturing reports released by vendors, independent security researchers, and automated monitoring systems. It provides a comprehensive view of the threat landscape specific to this API management solution, ensuring that historical and recent issues are readily accessible for analysis. Readers can use this resource to track vendor advisories as they are issued, allowing for timely assessment of emerging risks. The platform also enables users to understand specific weakness classes in the context of API Connect, offering insights into how different vulnerability types impact this particular software ecosystem. Furthermore, individuals can look up the product's vulnerability history to identify trends, recurring issues, or patterns in patch deployment and remediation efforts over time. This structured approach supports security teams in maintaining a clear understanding of their exposure levels and prioritizing mitigation strategies effectively. By centralizing this information, the page serves as a critical reference point for administrators and security analysts managing IBM API Connect environments. It facilitates informed decision-making regarding upgrades, configuration changes, and security posture improvements based on verified historical data. The content is organized to help users navigate the complex nature of software vulnerabilities without requiring prior knowledge of every specific incident. This ensures that all stakeholders can quickly grasp the relevant security context and take appropriate action to protect their infrastructure against identified threats.

Vendor: IBM Corporation

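| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13915 | Authentication bypass in IBM API Connect (CWE-305) | 9.8 | Critical | 2025-12-26 |
| CVE-2023-47722 | IBM API Connect information disclosure | 6.2 | Medium | 2023-12-09 |
| CVE-2023-28522 | IBM API Connect improper access control | 4.3 | Medium | 2023-05-12 |
| CVE-2022-34350 | IBM API Connect security bypass | 5.3 | Medium | 2023-02-08 |
| CVE-2021-38997 | IBM API Connect HOST header injection (CWE-644) | 5.4 | Medium | 2022-12-01 |
| CVE-2021-29772 | IBM API Connect code injection vulnerability | 9.8 | - | 2021-08-26 |
| CVE-2021-29715 | IBM API Connect security vulnerability | 9.1 | - | 2021-08-26 |
| CVE-2020-4706 | IBM API Connect cross-site scripting vulnerability | 5.4 | - | 2021-08-17 |
| CVE-2020-4707 | IBM API Connect cross-site scripting vulnerability | 5.4 | - | 2021-08-04 |
| CVE-2021-20440 | IBM API Connect security vulnerability | 4.3 | - | 2021-03-15 |
| CVE-2020-4903 | IBM API Connect security vulnerability | 8.2 | - | 2021-03-08 |
| CVE-2020-4695 | IBM API Connect security vulnerability | 7.5 | - | 2021-03-08 |
| CVE-2020-4828 | IBM API Connect input validation error vulnerability | 6.5 | - | 2021-02-04 |
| CVE-2020-4827 | IBM API Connect cross-site request forgery vulnerability | 8.8 | - | 2021-02-04 |
| CVE-2020-4825 | IBM API Connect cross-site scripting vulnerability | 5.4 | - | 2021-02-04 |
| CVE-2020-4826 | IBM API Connect cross-site request forgery vulnerability | 8.8 | - | 2021-02-04 |
| CVE-2020-4640 | IBM API Connect information disclosure vulnerability | 4.1 | - | 2021-02-04 |
| CVE-2020-4838 | IBM API Connect cross-site scripting vulnerability | 5.4 | - | 2021-01-12 |
| CVE-2020-4899 | IBM API Connect security vulnerability | 9.1 | - | 2021-01-05 |
| CVE-2020-4638 | IBM API Connect security vulnerability | 7.2 | - | 2020-09-03 |
| CVE-2020-4337 | IBM API Connect security vulnerability | 6.5 | - | 2020-09-03 |
| CVE-2020-4452 | IBM API Connect information disclosure vulnerability | 7.5 | - | 2020-06-29 |
| CVE-2020-4251 | IBM API Connect cross-site scripting vulnerability | 5.4 | - | 2020-06-12 |
| CVE-2020-4346 | IBM API Connect information disclosure vulnerability | 5.3 | - | 2020-05-12 |
| CVE-2020-4195 | IBM API Connect security vulnerability | 6.1 | - | 2020-05-12 |
| CVE-2019-4553 | IBM API Connect information disclosure vulnerability | 7.5 | - | 2020-03-24 |
| CVE-2019-4609 | IBM API Connect information disclosure vulnerability | 7.5 | - | 2019-12-18 |
| CVE-2019-4444 | IBM API Connect information disclosure vulnerability | 6.5 | - | 2019-12-16 |
| CVE-2019-4600 | IBM API Connect information disclosure vulnerability | 5.3 | - | 2019-10-28 |
| CVE-2019-4437 | IBM API Connect information disclosure vulnerability | 7.5 | - | 2019-08-20 |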

All 77 known CVE vulnerabilities affecting API Connect with full Chinese analysis, references, and POCs where available.