By Ashish Khaitan
Publication Date: 2026-01-06 07:57:00
Singapore Cyber Agency Warns of Critical IBM API Connect Vulnerability (CVE-2025-13915)
A critical authentication bypass flaw, CVE-2025-13915, affects IBM API Connect. Singapore issues alert as IBM releases fixes.
Overview
The Cyber Security Agency of Singapore has issued an alert regarding a critical vulnerability affecting IBM API Connect, following the release of official security updates by IBM on 2 January 2026. The flaw, tracked as CVE-2025-13915, carries a CVSS v3.1 base score of 9.8, placing it among the most severe vulnerabilities currently disclosed for enterprise automation software.
According to IBM’s security bulletin, the issue stems from an authentication bypass weakness that could allow a remote attacker to gain unauthorized access to affected systems without valid credentials. The vulnerability impacts multiple versions of IBM API Connect, a widely used platform for managing application programming…
