Security Bulletin: Vulnerability in IBM WebSphere Application (CVE-2026-1561) affects IBM PowerVM Novalink.

Summary IBM WebSphere Libery Profile is used by IBM PowerVM Novalink. IBM PowerVM Novalink has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2026-1561 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is...

Security Bulletin: IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty

Summary IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty CVE-2025-14915, CVE-2025-14917, CVE-2026-3621, CVE-2026-1561, CVE-2026-29063. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2026-29063...

Security Bulletin: IBM MQ is affected by a server-side request forgery vulnerability in IBM WebSphere Application Server Liberty (CVE-2026-1561)

Summary IBM WebSphere Application Server Liberty is used by IBM MQ as part of the IBM MQ Console and IBM MQ REST API functionality CVE-2026-1561 Vulnerability Details CVEID:CVE-2026-1561 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application...

Security Bulletin: Multiple security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms (CVE-2025-14915, CVE-2025-14917, CVE-2025-14923, CVE-2026-1561, CVE-2026-29063).

Summary Multiple security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms CVE-2025-14915, CVE-2025-14917, CVE-2025-14923, CVE-2026-1561, CVE-2026-29063. IBM WebSphere Liberty has been updated within TXSeries for Multiplatforms to address these...

RHCOS 4 : Red Hat build of MicroShift 4.15.6 (RHSA-2024:1561)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1561 advisory. - golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 Note that Nessus has not tested for this iss...

Security Bulletin: SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty

Summary SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty CVE-2025-14923, CVE-2025-14915, CVE-2024-29371, CVE-2026-1561, CVE-2026-29063, CVE-2025-14917. This has been addressed in the remediation section. Vulnerability...

Security Bulletin: IBM WebSphere Application Server Liberty is affected by server-side request forgery (CVE-2026-1561)

Summary IBM WebSphere Application Server Liberty is affected by server-side request forgery with the samlWeb-2.0 feature enabled. Vulnerability Details CVEID:CVE-2026-1561 DESCRIPTION: IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery SSRF. This may allow remot...

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by a server-side request forgery vulnerability (CVE-2026-1561)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by a server-side request forgery vulnerability with the samlWeb-2.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes secti...

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a server-side request forgery vulnerability (CVE-2026-1561)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a server-side request forgery vulnerability with the samlWeb-2.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

CVE-2026-1561

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery SSRF. This may allow remote attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating...

CVE-2026-1561

creationtimestamp| type| source ---|---|--- 2026-03-24 15:30:04+00:00| seen| https://bsky.app/profile/knaepp.bsky.social/post/3mhsvdoje7e2m 2026-03-26 00:14:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhwd4t5c3w2i...

MiracleLinux 7 : firefox-78.8.0-1.0.1.el7.AXS7 (AXSA:2021-1561:05)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1561:05 advisory. Mozilla: Content Security Policy violation report could have contained the destination of a redirect CVE-2021-23968 Mozilla: Content Security Policy...

CVE-2025-1561

The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in all versions up to, and including, 4.4.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2011-1561

The LDAP login feature in bos.rte.security 6.1.6.4 in IBM AIX 6.1, when ldapauth is enabled in ldap.cfg, allows remote attackers to bypass authentication via a login attempt with an arbitrary password...

CVE-2025-1561

The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in all versions up to, and including, 4.4.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2025-1561

creationtimestamp| type| source ---|---|--- 2025-03-13 04:42:12+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7396 2025-03-13 06:30:35+00:00| published-proof-of-concept| Telegram/cirjMav2qthUHQuL9ZERJzwyhlHYOBL7ICnhX4m3pJXfR8 2025-03-13 07:15:15+00:00| seen|...

CVE-2025-1561 AppPresser – Mobile App Framework <= 4.4.10 - Unauthenticated Stored Cross-Site Scripting

The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in all versions up to, and including, 4.4.10 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2024-1561

An issue was discovered in gradio-app/gradio, where the /componentserver endpoint improperly allows the invocation of any method on a Component class with attacker-controlled arguments. Specifically, by exploiting the moveresourcetoblockcache method of the Block class, an attacker can copy any fi...

CVE-2024-20084

In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944210; Issue ID: MSV-1561...

CVE-2024-1561

creationtimestamp| type| source ---|---|--- 2024-05-11 13:48:55+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7277 2024-05-14 03:25:11+00:00| published-proof-of-concept| Telegram/v-Ke2icr51-PqqUlXFecYLVSiGZOdun89f-7jmTrgElcRI7m 2025-04-22 02:52:22+00:00| published-proof-of-concept...