CVE-2026-4096 medium vulnerability summary
IBM DevOps Plan 3.0.0 through 3.0.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable syste...
CVE-2026-4096 is listed by Tenable as a Medium severity CVE. The issue should be reviewed by teams that operate the affected software or dependencies.
IBM DevOps Plan 3.0.0 through 3.0.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking
Recommended action
Confirm whether the affected product or library is present in your environment, review the vendor guidance, and apply the available update or mitigation where applicable.
This brief is based on information from Tenable Newest CVEs . Please refer to the original source for the complete advisory and vendor-specific guidance.
Related Posts
Critical Vulnerability in Oracle PeopleSoft Enterprise PeopleTools
About CSAInformation forAlerts & AdvisoriesNews & EventsLegislationOur ProgrammesResourcesHomeAlerts & AdvisoriesAlertsCritical Vulnerability in Oracle PeopleSoft Enterprise PeopleToolsAlertsCritical Vulnerability in Ora...
Critical Vulnerability in Fortinet FortiSandbox
About CSAInformation forAlerts & AdvisoriesNews & EventsLegislationOur ProgrammesResourcesHomeAlerts & AdvisoriesAlertsCritical Vulnerability in Fortinet FortiSandboxAlertsCritical Vulnerability in Fortinet FortiSandbox1...
Critical Vulnerabilities in Ivanti Sentry
About CSAInformation forAlerts & AdvisoriesNews & EventsLegislationOur ProgrammesResourcesHomeAlerts & AdvisoriesAlertsCritical Vulnerabilities in Ivanti SentryAlertsCritical Vulnerabilities in Ivanti Sentry12 June 2026