Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by multiple vulnerabilities in lodash and lodash-es (CVE-2026-2950, CVE-2026-4800)

Summary Multiple vulnerabilities in the lodash and lodash-es utility libraries CVE-2026-2950, CVE-2026-4800 used by IBM InfoSphere Optim Archive Viewer have been addressed by upgrading the components to version 4.18.0. Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION: Impact: Lodash versions...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-2950)

Summary IBM Security SOAR uses an older version of the Lodash component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.10.0 Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION: Impact:...

RLSA-2026:19167 Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: lodash: Arbitrary code execution via untrusted input in template imports CVE-2026-4800 For more details about the security issues, including the impact, a CVSS score,...

Security Bulletin: IBM Quantum Safe Remediator is affected by mutiple vulnerabilities

Summary The vulnerabilities are found in the dependent open source libraries used in IBM Quantum Safe Remediator code base. IBM Quantum Safe Remediator has addressed these vulnerabilities by updating the versions of the affected libraries. Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION:...

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

RHEL 10 : pcs (RHSA-2026:19008)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19008 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: lodash: Arbitrary co...

CLEANSTART-2026-BE61221 Security fixes for CVE-2025-62718, CVE-2025-69873, CVE-2026-29045, CVE-2026-29085, CVE-2026-29086, CVE-2026-29087, CVE-2026-2950, CVE-2026-30827, CVE-2026-33750, CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896, CVE-2026-33916, CVE-2026-33937, CVE-2026-34043, CVE-2026-35213, CVE-2026-39406, CVE-2026-39407, CVE-2026-39408, CVE-2026-39409, CVE-2026-39410, CVE-2026-40175, CVE-2026-41238, CVE-2026-41239, CVE-2026-41240, CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043, CVE-2026-42044, CVE-2026-42264, CVE-2026-42338, CVE-2026-44455, CVE-2026-44456, CVE-2026-44457, CVE-2026-44458, CVE-2026-44459, CVE-2026-4800, CVE-2026-4923, CVE-2026-4926, CVE-2026-6321, CVE-2026-6322, ghsa-2328-f5f3-gj25, ghsa-26pp-8wgv-hjvm, ghsa-27v5-c462-wpq7, ghsa-2g4f-4pwh-qvx6, ghsa-2qvq-rjwj-gvw9, ghsa-2w6w-674q-4c4q, ghsa-39q2-94rc-95cp, ghsa-3mfm-83xf-c92r, ghsa-3p68-rc4w-qgx5, ghsa-3v7f-55p6-f55p, ghsa-3w6x-2g7m-8v23, ghsa-442j-39wm-28r2, ghsa-445q-vr5w-6q77, ghsa-458j-xx4x-4375, ghsa-46wh-pxpv-q5gq, ghsa-5c6j-r48x-rmvq, ghsa-5c9x-8gcm-mpgx, ghsa-5m6q-g25r-mvwx, ghsa-5pq2-9x2x-5p6w, ghsa-62hf-57xw-28j9, ghsa-69xw-7hcm-h432, ghsa-6chq-wfr3-2hj9, ghsa-7rx3-28cr-v5wh, ghsa-92pp-h63x-v22m, ghsa-9cx6-37pm-9jff, ghsa-9vqf-7f2p-gf9v, ghsa-c2c7-rcm5-vvqj, ghsa-crv5-9vww-q3g8, ghsa-f23m-r3pf-42rh, ghsa-f886-m6hf-6m8v, ghsa-fvcv-3m26-pcqx, ghsa-h7mw-gpvr-xq4m, ghsa-j3q9-mxjg-w52f, ghsa-jg4p-7fhp-p32p, ghsa-m7pr-hjqh-92cm, ghsa-p6xx-57qc-3wxr, ghsa-p77w-8qqv-26rm, ghsa-pf86-5x62-jrwf, ghsa-pmwg-cvhr-8vh7, ghsa-ppp5-5v6c-4jwp, ghsa-q3j6-qgpj-74h6, ghsa-q5qw-h33p-qvwr, ghsa-q67f-28xg-22rw, ghsa-q8qp-cvcw-x6jj, ghsa-qj8w-gfj5-8c6v, ghsa-qp7p-654g-cw7p, ghsa-r4q5-vmmm-2653, ghsa-r5fr-rjxr-66jc, ghsa-r5rp-j6wh-rvv4, ghsa-v2v4-37r5-5v8g, ghsa-v39h-62p7-jpjc, ghsa-v8w9-8mx6-g223, ghsa-v9jr-rg53-9pgp, ghsa-vf2m-468p-8v99, ghsa-w9j2-pvgh-6h63, ghsa-wc8c-qw6v-h7f6, ghsa-wmmm-f939-6g9c, ghsa-xf4j-xp2r-rqqx, ghsa-xhjh-pmcv-23jw, ghsa-xhpv-hc6g-r9c6, ghsa-xjpj-3mr7-gcpf, ghsa-xpcf-pg52-r92g, ghsa-xx6v-rp6x-q39c applied in versions: 2.19.5-r0

Multiple security vulnerabilities affect the opensearch-dashboards-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Lodash

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Lodash. CVE-2026-2950, CVE-2026-4800 The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION: Impact: Lodash versions 4.17.23 and...

Security Bulletin: IBM Maximo Scheduler Optimizer uses lodash-4.17.23.tgz which is vulnerable to CVE-2026-2950, CVE-2026-4800

Summary IBM Maximo Scheduler Optimizer uses lodash-4.17.23.tgz which is vulnerable to CVE-2026-2950, CVE-2026-4800. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION: Impact: Lodash versions 4.17.23 and earlier ar...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses lodash-4.17.23.tgz which is vulnerable to CVE-2026-2950, CVE-2026-4800

Summary IBM Maximo Application Suite - Visual Inspection component uses lodash-4.17.23.tgz which is vulnerable to CVE-2026-2950, CVE-2026-4800, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION: Impact: Lodash...

Security Bulletin: There is a vulnerability in lodash-4.17.23.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-2950)

Summary There is a vulnerability in lodash-4.17.23.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION: Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the .unset and .omit functions...

Security Bulletin: IBM Edge Data Collector uses lodash-4.17.23.tgz, lodash-es-4.17.23.tgz which is vulnerable to CVE-2026-2950, CVE-2026-4800.

Summary IBM Edge Data Collector uses lodash-4.17.23.tgz, lodash-es-4.17.23.tgz which is vulnerable to CVE-2026-2950, CVE-2026-4800. This bulletin contains information addressing the vulnerabilities. Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION: Impact: Lodash versions 4.17.23 and earlier...

Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.19.15 security, enhancement & bug fix update

Red Hat OpenShift Data Foundation 4.19.15 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.19.15 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-6345: RHODF 4.19.15 DFBUGS-5942: Backport to odf-4.19.z External Mode: noobaa-default-backing-store is in...

AlmaLinux 10 : pcs (ALSA-2026:10713)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:10713 advisory. lodash: lodash: Arbitrary code execution via untrusted input in template imports CVE-2026-4800 Tenable has extracted the preceding description block directly fro...

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

Important: Red Hat Security Advisory: pcs security update

An update for pcs is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

RHEL 9 : pcs (RHSA-2026:11471)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:11471 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: lodash: Arbitrary cod...

RHEL 10 : pcs (RHSA-2026:11470)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:11470 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: lodash: Arbitrary co...