Cyber Posture

CVE-2026-7365

High
Microsoft: not affectedMSmacOS: not affectedMacLinux: not affectedLnxMobile: not affectedMobNetwork: not affectedNetApplication: not affectedAppOther: affectedOth

Published: 27 May 2026

Published
27 May 2026
Modified
27 May 2026
KEV Added
Patch
CVSS Score 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0002 4.7th percentile
Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-7365 is a high-severity Use of Default Credentials (CWE-1392) vulnerability in Ibm (inferred from references). Its CVSS base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Default Accounts (T1078.001); ranked at the 4.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

Threat & Defense at a Glance

What attackers do: exploitation maps to Default Accounts (T1078.001).
Threat & Defense Details

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

CM-1 Policy and Procedures
addresses: CWE-1392

Mandates replacement of default credentials during secure configuration and provisioning procedures.

IA-1 Policy and Procedures
addresses: CWE-1392

Policy requires changing or avoiding default credentials during system setup and operation.

IA-2 Identification and Authentication (Organizational Users)
addresses: CWE-1392

Unique identification requirement prevents use of default or shared credentials by organizational users.

IA-5 Authenticator Management
addresses: CWE-1392

Changing default authenticators prior to first use prevents use of default credentials.

IA-7 Cryptographic Module Authentication
addresses: CWE-1392

Standards-compliant authentication mechanisms typically prohibit default credentials for cryptographic modules.

PM-30 Supply Chain Risk Management Strategy
addresses: CWE-1392

Consistent implementation of the strategy drives removal or mitigation of default credentials in procured systems and services.

SA-4 Acquisition Process
addresses: CWE-1392

Security functional requirements and acceptance criteria can stipulate that acquired systems must not use default credentials.

SA-5 System Documentation
addresses: CWE-1392

Documentation of known configuration vulnerabilities and secure setup practices reduces reliance on default credentials.

MITRE ATT&CK Enterprise TechniquesAI

T1078.001 Default Accounts Stealth
Adversaries may obtain and abuse credentials of a default account as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion.
attack.mitre.org →
Why these techniques?

Default passwords directly enable use of default accounts for initial access/authentication bypass.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

IBM Operations Analytics - Log Analysis  and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.

Deeper analysisAI

Automated synthesis unavailable for this CVE.

Details

CWE(s)
CWE-1392
OWASP Top 10 Web 2025
A07:2025

Affected Products

Ibm
inferred from references and description; NVD did not file a CPE for this CVE

EU & UK References

References