Security Bulletin: IBM Guardium Data Protection is affected by an IBM SDK, Java Technology Edition Quarterly CPU - Oct 2025 - Includes Oracle October 2025 CPU vulnerability (CVE-2025-53066, CVE-2025-53057)

Summary IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impact, no integrity impact...

Security Bulletin: Multiple vulnerabilities in IBM SDK, Java technology affect IBM Tivoli Composite Application Manager for Transactions (Response Time)

Summary IBM SDK, Java Technology Edition is used by IBM Tivoli Composite Application Manager for Transactions Response Time Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high...

Security Bulletin: Security Vulnerabilities were found in IBM Semeru Runtime Certified Edition provided with IBM Security Verify Directory (CVE-2025-53066, CVE-2025-53057)

Summary Security Vulnerabilities were addressed in IBM Semeru Runtime Certified Edition provided with IBM Security Verify Directory Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause...

Security Bulletin: IBM Storage Insights is vulnerable to weaknesses related to Java SE (CVE-2025-53066,CVE-2025-53057 )

Summary Vulnerabilities in Java SE may affect IBM Storage Insights. Vulnerability CVE-2025-53066 could allow a remote attacker to cause high confidentiality impact, no integrity impact, and no availability impact. Vulnerability CVE-2025-53057 could allow a remote attacker to cause no...

Security Bulletin: Communications Server (CS) for Data Center Deployment and CS for AIX are affected by: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2025 - Includes Oracle October 2025 CPU

Summary Communications Server CS for Data Center Deployment and CS for AIX install a local Java JRE in its product directories. This JRE is used solely for the IBM Key Manager ikeyman tool which is called by the snakeyman script used for managing the SSL key database used by the TN3270 Server and...

Security Bulletin: Communications Server (CS) for Data Center Deployment, CS for Linux, and CS for Linux on System z are affected by: IBM SDK, Java Technology Edition Quarterly CPU - Oct 2025 - Includes Oracle October 2025 CPU

Summary Communications Server CS for Data Center Deployment, CS for Linux, and CS for Linux on System z install a local Java JRE in its product directories. This JRE is used solely for the IBM Key Manager ikeyman tool which is called by the snakeyman script used for managing the SSL key database...

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in IBM Semeru Runtime (CVE-2025-53057, CVE-2025-53066)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-53057, CVE-2025-53066 of IBM Semeru Runtime Quarterly CPU - Oct 2025 Vulnerability Details CVEID:CVE-2025-53057 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote...

Security Bulletin: IBM Sterling External Authentication Server is vulnerable to multiple issues

Summary Multiple vulnerabilities affect IBM Sterling External Authentication Server and are addressed in the latest release and fixpack Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.3.1.4)

The version of AOS installed on the remote host is prior to 7.3.1.4. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.3.1.4 advisory. - Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM DevOps Code ClearCase [CVE-2025-53066 ,CVE-2025-53057]

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM DevOps Code ClearCase. Information about security vulnerabilities affecting WAS have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2026-0931)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0931 advisory. - Fixes CVE-2026-21925 CVE-2026-21933 CVE-2026-21945 - Fixes CVE-2025-53057 CVE-2025-53066 - Fixed CVE-2025-21587, CVE-2025-30691 and CVE-2025-30698...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700

Summary IBM Virtualization Engine TS7700 is susceptible to information Disclosure CVE-2025-53066 and one Tampering CVE-2025-53057 unauthorized data access due to the use of IBM® SDK Java™ Technology Edition, Version 8 Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in Java SE related to the JAXP component

Summary IBM Watson Discovery Cartridge affected by vulnerability in Java SE related to the JAXP component Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impac...

Security Bulletin: IBM Tivoli Application Dependency Discovery Manager affected by multiple vulnerabilities due to IBM Java and its runtime

Summary IBM Tivoli Application Dependency Discovery Manager is vulnerable to denial of service due to use of IBM Java and runtimes CVE-2025-53066, CVE-2025-53057 Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could all...

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect Rational Business Developer

Summary There are vulnerabilities in IBM Semeru Runtime used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Semeru Runtime Quarterly CPU - Oct 2025. Vulnerability Details CVEID:CVE-2025-53057...

Security Bulletin: Vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer

Summary There are vulnerabilities in IBM® SDK Java™ used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Java SDK and Runtime Environment updates in the Oracle October 2025 Critical Patch Update...

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to issues in IBM Semeru Runtime version 17

Summary There are vulnerabilities in IBM Semeru Runtime version 17 used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-53057 DESCRIPTION: An unspecified vulnerability i...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional

Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issue were disclosed as part of the IBM Java SDK updates in Oct 2025, App Connect Professional has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTIO...

Security Bulletin: Multiple security vulnerabilities in Java may affect IBM Robotic Process Automation

Summary Multiple security vulnerabilities in Java affect IBM Robotic Process Automation. Java is used by IBM Robotic Process Automation as part of metrics and licening, and UMS. This bulletin identifies the fixes required to address these vulnerabilities. Vulnerability Details CVEID:CVE-2025-5305...

Security Bulletin: Confidentiality Vulnerability in IBM Watson Explorer Related to Java SE JAXP

Summary IBM SDK, Java Technology is used within IBM Watson Explorer CVE-2025-53066 Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impact, no integrity impact,...