Lucene search
+L

205 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/01/22 5:10 a.m.7 views

Security Bulletin: Vulnerabilities in Netty affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is a...

7.5CVSS6.3AI score0.00631EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/22 5:9 a.m.12 views

Security Bulletin: Vulnerabilities in Netty affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-58057 DESCRIPTION: Netty is a...

7.5CVSS6.2AI score0.00561EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/22 5:7 a.m.9 views

Security Bulletin: Vulnerabilities in Formidable affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Formidable has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-46653 DESCRIPTION:...

3.1CVSS6.5AI score0.00382EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/22 5:6 a.m.6 views

Security Bulletin: Vulnerabilities in Apache Commons Lang affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Apache Commons Lang has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-48924...

5.3CVSS6.5AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/22 5:5 a.m.10 views

Security Bulletin: Vulnerabilities in juliangruber affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in juliangruber has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-5889 DESCRIPTION: A...

3.1CVSS4.5AI score0.00459EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/22 4:59 a.m.9 views

Security Bulletin: Vulnerabilities in Netty affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is a...

7.5CVSS6.3AI score0.00631EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/22 4:58 a.m.9 views

Security Bulletin: Vulnerabilities in Netty affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-55163 DESCRIPTION: Netty is a...

8.2CVSS6.2AI score0.01049EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/22 4:56 a.m.7 views

Security Bulletin: Vulnerabilities in Axios affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Axios has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a...

7.5CVSS6.3AI score0.0106EPSS
Exploits1Affected Software1
UbuntuCve
UbuntuCve
added 2026/01/22 3:15 a.m.10 views

CVE-2026-24001

jsdiff is a JavaScript text differencing implementation. Prior to versions 8.0.3, 5.2.2, 4.0.4, and 3.5.1, attempting to parse a patch whose filename headers contain the line break characters \r, \u2028, or \u2029 can cause the parsePatch method to enter an infinite loop. It then consumes memory...

7.5CVSS6.2AI score0.00562EPSS
Exploits0References5
NVD
NVD
added 2026/01/15 5:16 p.m.9 views

CVE-2026-23496

Pimcore Web2Print Tools Bundle adds tools for web-to-print use cases to Pimcore. Prior to 5.2.2 and 6.1.1, the application fails to enforce proper server-side authorization checks on the API endpoint responsible for managing "Favourite Output Channel Configurations." Testing revealed that an...

5.4CVSS0.00265EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/15 4:58 p.m.3 views

CVE-2026-23496

Pimcore Web2Print Tools Bundle adds tools for web-to-print use cases to Pimcore. Prior to 5.2.2 and 6.1.1, the application fails to enforce proper server-side authorization checks on the API endpoint responsible for managing "Favourite Output Channel Configurations." Testing revealed that an...

5.4CVSS5.5AI score0.00265EPSS
Exploits1References6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/13 4:6 p.m.14 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to command injection due to the Netty package (CVE-2025-59419)

Summary Netty is used by DataStage on Cloud Pak for Data as part of the event processing functionality. Vulnerability Details CVEID:CVE-2025-59419 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec ...

6.9CVSS7.7AI score0.01594EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.5 views

CVE-2026-21896

Kirby is an open-source content management system. From versions 5.0.0 to 5.2.1, Kirby is missing permission checks in the content changes API. This vulnerability affects all Kirby sites where user permissions are configured to prevent specific roles from performing write actions, specifically by...

5.8CVSS6.7AI score0.00189EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:28 a.m.13 views

CVE-2023-49180

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ternstyle LLC Automatic Youtube Video Posts Plugin allows Stored XSS.This issue affects Automatic Youtube Video Posts Plugin: from n/a through 5.2.2...

5.9CVSS6.6AI score0.00386EPSS
Exploits0References1
OSV
OSV
added 2026/01/08 8:32 p.m.3 views

GHSA-4J78-4XRM-CR2F Kirby is missing permission checks in the content changes API

TL;DR This vulnerability affects all Kirby sites where user permissions are configured to prevent specific roles from performing write actions, specifically by disabling the update permission with the intent to prevent modifications to site content. If developers haven't configured any user...

5.8CVSS6.8AI score0.00189EPSS
Exploits0References5
Snyk
Snyk
added 2026/01/08 6:42 p.m.4 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the content changes API when permission checks are not properly enforced. An attacker can modify site content by sending unauthorized write requests. Note: This is only exploitable if user permissions have be...

5.8CVSS6.8AI score0.00189EPSS
Exploits0References2
NVD
NVD
added 2026/01/08 6:15 p.m.5 views

CVE-2026-21896

Kirby is an open-source content management system. From versions 5.0.0 to 5.2.1, Kirby is missing permission checks in the content changes API. This vulnerability affects all Kirby sites where user permissions are configured to prevent specific roles from performing write actions, specifically by...

5.8CVSS0.00189EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/08 6:9 p.m.25 views

CVE-2026-21896 Kirby is missing permission checks in the content changes API

Kirby is an open-source content management system. From versions 5.0.0 to 5.2.1, Kirby is missing permission checks in the content changes API. This vulnerability affects all Kirby sites where user permissions are configured to prevent specific roles from performing write actions, specifically by...

5.8CVSS0.00189EPSS
Exploits0References3
OSV
OSV
added 2026/01/08 6:9 p.m.5 views

CVE-2026-21896 Kirby is missing permission checks in the content changes API

Kirby is an open-source content management system. From versions 5.0.0 to 5.2.1, Kirby is missing permission checks in the content changes API. This vulnerability affects all Kirby sites where user permissions are configured to prevent specific roles from performing write actions, specifically by...

5.8CVSS6.4AI score0.00189EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/08 12:0 a.m.7 views

PT-2026-2126

Name of the Vulnerable Software and Affected Versions Kirby versions 5.0.0 through 5.2.1 Description Kirby is an open-source content management system. Versions 5.0.0 through 5.2.1 are missing permission checks in the content changes API. This affects Kirby sites where user permissions are...

5.8CVSS6.5AI score0.00189EPSS
Exploits0References12
Rows per page
Query Builder