CVE-2026-8175 Multiple vulnerabilities in Aspera applications.

🗓️ 27 May 2026 13:17:06Reported by ibmType

CVE-2026-8175: Buffer overflow in asperahttpd may cause denial of service and authentication bypass.

Reporter	Title	Published	Views	Family All 11
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Aspera applications.	22 May 202619:21	–	ibm
ATTACKERKB	CVE-2026-8175	27 May 202613:17	–	attackerkb
Circl	CVE-2026-8175	27 May 202615:01	–	circl
CNNVD	IBM Aspera High-Speed Transfer Endpoint和IBM Aspera High-Speed Transfer Server 安全漏洞	27 May 202600:00	–	cnnvd
CVE	CVE-2026-8175	27 May 202613:17	–	cve
EUVD	EUVD-2026-32496	27 May 202613:17	–	euvd
NCSC	Vulnerabilities present in IBM Aspera High-Speed Transfer Endpoint and Server	8 Jun 202608:31	–	ncsc
NVD	CVE-2026-8175	27 May 202614:17	–	nvd
Positive Technologies	PT-2026-43987	27 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-8175	5 Jun 202619:11	–	redhatcve

[
  {
    "vendor": "IBM",
    "product": "Aspera High-Speed Transfer Endpoint",
    "versions": [
      {
        "status": "affected",
        "version": "3.7.4",
        "lessThanOrEqual": "4.4.7 Fix Pack 1",
        "versionType": "semver"
      }
    ],
    "cpes": [
      "cpe:2.3:a:ibm:aspera_high_speed_transfer_endpoint:3.7.4:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:aspera_high_speed_transfer_endpoint:4.4.7:*:*:*:*:*:*:*"
    ]
  },
  {
    "vendor": "IBM",
    "product": "Aspera High-Speed Transfer Server",
    "versions": [
      {
        "status": "affected",
        "version": "3.7.4",
        "lessThanOrEqual": "4.4.7 Fix Pack 1",
        "versionType": "semver"
      }
    ],
    "cpes": [
      "cpe:2.3:a:ibm:aspera_high_speed_transfer_server:3.7.4:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:aspera_high_speed_transfer_server:4.4.7:*:*:*:*:*:*:*"
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7273615

27 May 2026 13:17Current

CVSS 3.19.8

EPSS0.00459

CWE-122