CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

IBM Security Bulletins•added 6 days ago•18 views

Security Bulletin: Multiple Vulnerabilities in Apache Log4j Core shipped in Tivoli Netcool/OMNIbus

Summary The Netcool/Omnibus 'Administrator GUI' and 'Accelerated Event Notification GUI' desktop components use a version of Apache Log4j that contains known vulnerabilities. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in...

7.5CVSS6.5AI score0.00055EPSS

IBM Security Bulletins•added 6 days ago•7 views

Security Bulletin: There is a vulnerability in log4j-core-2.25.3.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-34477, CVE-2026-34478, CVE-2026-34480)

Summary There is a vulnerability in log4j-core-2.25.3.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-34477 DESCRIPTION: The fix for CVE-2025-68161 https://logging.apache.org/security.htmlCVE-2025-68161 was incomplete: it addressed...

7.5CVSS6.5AI score0.00039EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 6 days ago•8 views

Security Bulletin: There is a vulnerability in log4j-core-2.25.3.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-34477, CVE-2026-34478, CVE-2026-34480)

7.5CVSS6.5AI score0.00039EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 6 days ago•8 views

Security Bulletin: There is a vulnerability in log4j-core-2.25.3.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-34480 ,CVE-2026-34477, CVE-2026-34478, CVE-2026-34479)

7.5CVSS6.5AI score0.00126EPSS

GithubExploit•added last week•173 views

osv-java-poc

OSV Scanner CVE Detection POC — Vulnerable Java App ⚠️ WA...

10CVSS7.2AI score0.94428EPSS

Exploits463

IBM Security Bulletins•added 2026/05/27 5:36 p.m.•9 views

Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in Apache Log4j

Summary IBM SPSS Modeler is affected by multiple vulnerabilities in Apache Log4j. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname...

7.5CVSS6.4AI score0.00126EPSS

Exploits2Affected Software1

OSV•added 2026/05/27 9:58 a.m.•4 views

ROOT-APP-MAVEN-CVE-2026-34478 CVE-2026-34478 in io.root.org.apache.logging.log4j:log4j-core - Patched by Root

Root has patched CVE-2026-34478 in the io.root.org.apache.logging.log4j:log4j-core package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00034EPSS

Exploits0

OSV•added 2026/05/27 9:58 a.m.•4 views

ROOT-APP-MAVEN-CVE-2026-34480 CVE-2026-34480 in io.root.org.apache.logging.log4j:log4j-core - Patched by Root

Root has patched CVE-2026-34480 in the io.root.org.apache.logging.log4j:log4j-core package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00034EPSS

Exploits0

GithubExploit•added 2026/05/26 1:35 p.m.•50 views

Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4shell-poc-maven ⚠️ INTENTIONALLY VULNERABLE FOR SCA T...

10CVSS7AI score0.94358EPSS

Exploits341

IBM Security Bulletins•added 2026/05/22 2:52 p.m.•11 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to multiple vulnerabilities due to Apache Log4j ( CVE-2026-34477, CVE-2026-34478, CVE-2026-34479 & CVE-2026-34480 )

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to multiple vulnerabilities due to Apache Log4j. Vulnerability Details CVEID:CVE-2026-34477 DESCRIPTION: The fix for CVE-2025-68161 https://logging.apache.org/security.htmlCVE-2025-68161 was incomplete: it addresse...

7.5CVSS5.8AI score0.00126EPSS

Exploits1Affected Software2

Tenable Nessus•added 2026/05/22 12:0 a.m.•9 views

Unity Linux 20.1070e Security Update: mx4j (UTSA-2026-016744)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016744 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Tenable Nessus•added 2026/05/22 12:0 a.m.•5 views

Unity Linux 20.1070e Security Update: infinispan (UTSA-2026-016749)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016749 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Tenable Nessus•added 2026/05/22 12:0 a.m.•5 views

Unity Linux 20.1070e Security Update: datanucleus-rdbms (UTSA-2026-016692)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016692 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Tenable Nessus•added 2026/05/22 12:0 a.m.•5 views

Unity Linux 20.1070e Security Update: jgroups (UTSA-2026-016741)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016741 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Tenable Nessus•added 2026/05/22 12:0 a.m.•3 views

Unity Linux 20.1060e / 20.1070e Security Update: avalon-framework (UTSA-2026-016662)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016662 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

IBM Security Bulletins•added 2026/05/19 6:38 a.m.•5 views

Security Bulletin: Multiple Vulnerabilities affects IBM Data Studio Client 4.2.2

Summary Security Fix of multiple Vulnerabilities of IBM Data Studio Client 4.2.2. The vulnerabilities have been addressed in 4.2.2 version. Hence, IBM strongly recommends upgrading to 4.2.2. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions...

9.8CVSS7AI score0.00029EPSS

OSV•added 2026/05/15 9:37 a.m.•1 views

ROOT-APP-MAVEN-CVE-2025-68161 CVE-2025-68161 in io.root.org.apache.logging.log4j:log4j-core - Patched by Root

Root has patched CVE-2025-68161 in the io.root.org.apache.logging.log4j:log4j-core package for Root:Maven. Multiple fixed versions available...

4.8CVSS5.8AI score0.00029EPSS

Exploits1

OSV•added 2026/05/15 9:37 a.m.•4 views

ROOT-APP-MAVEN-CVE-2026-34477 CVE-2026-34477 in io.root.org.apache.logging.log4j:log4j-core - Patched by Root

Root has patched CVE-2026-34477 in the io.root.org.apache.logging.log4j:log4j-core package for Root:Maven. Multiple fixed versions available...

5.9CVSS5.8AI score0.00039EPSS

Exploits0

IBM Security Bulletins•added 2026/05/11 6:59 a.m.•10 views

Security Bulletin: IBM App Connect for Manufacturing is vulnerable to multiple vulnerabilities due to Apache Log4j and Bouncy Castle.

Summary IBM App Connect for Manufacturing is vulnerable to multiple vulnerabilities due to Apache Log4j and Bouncy Castle. Vulnerability Details CVEID:CVE-2026-34477 DESCRIPTION: The fix for CVE-2025-68161 https://logging.apache.org/security.htmlCVE-2025-68161 was incomplete: it addressed hostnam...

9.9CVSS5.8AI score0.00126EPSS