Skip to content

Identity & Access Management · head-to-head

IBM Security Identity vs SailPoint

On-prem IAM/IGA/PAM/MFA: directories, federation, privileged access, SSO. Counts are scoped to this segment and the selected published-date window. IBM Security Identity carries 10.3× the disclosed CVE volume of SailPoint. Volume reflects disclosure practice and install base as much as code quality — read it with the severity mix. Sourced from the NIST NVD; lower counts indicate a smaller disclosed vulnerability surface — not necessarily lower risk.

01

Disclosure record

Bars are normalized per row to the larger value; the leading count is emphasized.

Metric comparison: IBM Security Identity versus SailPoint. Each row gives the metric, IBM Security Identity’s count on the left and SailPoint’s count on the right.
IBM Security IdentityMetricSailPoint
31Total CVEs3
5Critical1
10High2
14Medium0
2Low0
108Open in latest9
02

Risk profile

Each severity band as a share of the vendor's own total — strips out raw volume so the profiles compare directly.

IBM Security Identity

16.1% critical
Critical
516.1%
High
1032.3%
Medium
1445.2%
Low
26.5%

SailPoint

33.3% critical
Critical
133.3%
High
266.7%
Medium
00.0%
Low
00.0%
03

Recent activity

Latest in-window disclosures per vendor, newest first. Each ID links to its NVD record.

IBM Security Identity

Recent CVEs affecting IBM Security Identity
CVESeverityCVSSPublished
CVE-2026-5926(opens NVD record)Medium
6.5
Apr 23, 2026
CVE-2026-1346(opens NVD record)Critical
9.3
Apr 8, 2026
CVE-2026-1343(opens NVD record)High
7.2
Apr 8, 2026
CVE-2026-1342(opens NVD record)High
8.5
Apr 8, 2026
CVE-2026-4364(opens NVD record)Medium
5.4
Apr 1, 2026
CVE-2026-4101(opens NVD record)High
8.1
Apr 1, 2026

SailPoint

Recent CVEs affecting SailPoint
CVESeverityCVSSPublished
CVE-2026-5712(opens NVD record)High
8.0
Apr 29, 2026
CVE-2025-10280(opens NVD record)High
7.1
Nov 3, 2025
CVE-2024-10905(opens NVD record)Critical
10.0
Dec 2, 2024

Track new CVEs for these vendors

Get an email the moment a new vulnerability is disclosed for the products you rely on.

Get alerts