Vulnerability Details CVE-2026-12085
IBM UCD - IBM UrbanCode Deploy 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 IBM DevOps Deploy could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attacks against the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 14.2%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2026-12085
-
cpe:2.3:a:ibm:devops_deploy:*
-
cpe:2.3:a:ibm:devops_deploy:8.0.0.0
-
cpe:2.3:a:ibm:devops_deploy:8.0.0.1
-
cpe:2.3:a:ibm:devops_deploy:8.0.1.0
-
cpe:2.3:a:ibm:devops_deploy:8.0.1.1
-
cpe:2.3:a:ibm:devops_deploy:8.0.1.10
-
cpe:2.3:a:ibm:devops_deploy:8.0.1.11
-
cpe:2.3:a:ibm:devops_deploy:8.0.1.2
-
cpe:2.3:a:ibm:devops_deploy:8.0.1.4
-
cpe:2.3:a:ibm:devops_deploy:8.0.1.6
-
cpe:2.3:a:ibm:devops_deploy:8.0.1.7
-
cpe:2.3:a:ibm:devops_deploy:8.0.1.8
-
cpe:2.3:a:ibm:devops_deploy:8.0.1.9
-
cpe:2.3:a:ibm:devops_deploy:8.1.0.1
-
cpe:2.3:a:ibm:devops_deploy:8.1.1.0
-
cpe:2.3:a:ibm:devops_deploy:8.1.2.0
-
cpe:2.3:a:ibm:devops_deploy:8.1.2.0.ifix
-
cpe:2.3:a:ibm:devops_deploy:8.1.2.1
-
cpe:2.3:a:ibm:devops_deploy:8.1.2.1.ifix
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.0.0
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.0.1
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.1.0
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.1.1
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.0
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.1
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.10
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.11
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.12
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.13
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.14
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.15
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.16
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.2
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.3
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.4
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.5
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.6
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.7
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.8
-
cpe:2.3:a:ibm:urbancode_deploy:7.3.2.9