A vulnerability identified as critical has been detected in TIBCO BPM Enterprise 4.x . Affected by this issue is some unknown functionality of the component Configuration Handler . This manipulation causes missing authentication. This vulnerability is handled as CVE-2026-3207 . The attack can only be done within the local network. There is not any exploit available. You should upgrade the affected component.