By LinkedInEditors
Publication Date: 2025-12-31 12:35:00
IBM has issued an urgent security advisory warning customers of a critical authentication bypass vulnerability in its API Connect platform, a widely used enterprise solution for managing application programming interfaces (APIs). The flaw, if left unpatched, could allow remote attackers to gain unauthorized access to applications without valid credentials, significantly increasing the risk of data exposure and system compromise.
The vulnerability, tracked as CVE-2025-13915, carries a CVSS severity score of 9.8 out of 10, placing it in the “critical” category. According to IBM, the issue affects API Connect version 10.0.11.0 and versions 10.0.8.0 through 10.0.8.5, spanning both relatively recent and still widely deployed releases.
What Is IBM API Connect and Why It Matters
…