Lucene search
K

24 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/30 7:44 a.m.8 views

Security Bulletin: Maximo AI Service uses cryptography-46.0.6-cp311-abi3-manylinux_2_34_x86_64.whl and tomcat-embed-core-10.1.54.jar which are vulnerable to CVE-2026-39892, CVE-2026-41293, CVE-2026-43512, CVE-2026-43513 and CVE-2026-43515.

Summary Maximo AI Service uses cryptography-46.0.6-cp311-abi3-manylinux234x8664.whl and tomcat-embed-core-10.1.54.jar which are vulnerable to CVE-2026-39892, CVE-2026-41293, CVE-2026-43512, CVE-2026-43513 and CVE-2026-43515. This bulletin contains information regarding the vulnerability and its...

9.8CVSS5.9AI score0.01339EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/01 8:35 a.m.9 views

Security Bulletin: Maximo AI Service uses multiple third party dependencies which are vulnerable to multiple CVEs.

Summary Maximo AI Service uses fast-xml-parser-5.3.6.tgz, mlflow-3.9.0rc0-py3-none-any.whl, bcpkix-jdk18on-1.79.jar, pythonmultipart-0.0.24-py3-none-any.whl, bcprov-jdk18on-1.79.jar, spring-security-core-6.5.9.jar, spring-boot-autoconfigure-3.5.13.jar, spring-web-6.2.17.jar,...

9.8CVSS5.9AI score0.00527EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/27 4:4 p.m.13 views

Security Bulletin: Maximo AI Service uses uuid-11.1.0.tgz and spring-webmvc-6.2.17.jar which are vulnerable to CVE-2026-41988 and CVE-2026-22741.

Summary Maximo AI Service uses uuid-11.1.0.tgz and spring-webmvc-6.2.17.jar which are vulnerable to CVE-2026-41988 and CVE-2026-22741. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-22741 DESCRIPTION: Spring MVC and WebFlux...

3.2CVSS5.8AI score0.00236EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/27 4:3 p.m.24 views

Security Bulletin: Maximo AI Service uses multiple third party dependencies which are vulnerable to multiple CVEs.

Summary Maximo AI Service uses path-to-regexp-0.1.12.tgz, mlflow-3.9.0rc0-py3-none-any.whl, lodash-4.17.23.tgz, tomcat-embed-core-10.1.53.jar, spring-security-config-6.5.9.jar, Mako-1.3.8-py3-none-any.whl, uuid-11.1.0.tgz, spring-boot-3.5.13.jar, mako-1.3.11-py3-none-any.whl and...

8.7CVSS7.5AI score0.21691EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/27 4:3 p.m.19 views

Security Bulletin: Maximo AI Service uses multiple third party dependencies which are vulnerable to multiple CVEs.

Summary Maximo AI Service uses mlflow-3.9.0rc0-py3-none-any.whl, bcprov-jdk18on-1.79.jar, mlflow-3.8.1-py3-none-any.whl and GitPython-3.1.44-py3-none-any.whl which are vulnerable to CVE-2026-0545, CVE-2025-14813, CVE-2026-0636, CVE-2026, CVE-2025-15031, CVE-2025-15036, CVE-2025, CVE-2026-42215,...

10CVSS7.9AI score0.01994EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/27 7:44 a.m.8 views

Security Bulletin: Maximo AI Service uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary Maximo AI Service uses logback-core-1.5.21.jar, spring-web-6.2.14.jar, pygments-2.19.2-py3-none-any.whl, and cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl, which are vulnerable to CVE-2026-1225, CVE-2026-22735, CVE-2026-4539, and CVE-2026-34073. This bulletin contains information...

6.3CVSS4.6AI score0.00159EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/27 7:43 a.m.12 views

Security Bulletin: Maximo AI Service uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary Maximo AI Service uses mlflow-3.1.0-py3-none-any.whl, fast-xml-parser-4.5.3.tgz, nltk-3.9.1-py3-none-any.whl, tar-7.4.3.tgz, tar-7.5.9.tgz, PyJWT-2.10.1-py3-none-any.whl, pyasn1-0.6.2-py3-none-any.whl, fast-xml-parser-5.3.6.tgz, jackson-core-2.19.4.jar,...

8.8CVSS7.8AI score0.01682EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/27 7:43 a.m.15 views

Security Bulletin: Maximo AI Service uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary Maximo AI Service uses nltk-3.9.1-py3-none-any.whl, mlflow-3.1.0-py3-none-any.whl, and spring-security-web-6.5.7.jar, which are vulnerable to CVE-2025-14009, CVE-2026-2635, CVE-2026-0848, and CVE-2026-22732. This bulletin contains information regarding how to address the vulnerabilities...

10CVSS9.8AI score0.00968EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/06 1:59 p.m.4 views

Security Bulletin: Maximo AI Service uses werkzeug-3.1.5-py3-none-any.wh which is vulnerable to CVE-2026-27199.

Summary Maximo AI Service uses werkzeug-3.1.5-py3-none-any.wh which is vulnerable to CVE-2026-27199. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-27199 DESCRIPTION: Werkzeug is a comprehensive WSGI web application library...

6.3CVSS6.5AI score0.00556EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/06 1:58 p.m.6 views

Security Bulletin: Maximo AI Service uses qs-6.14.1.tgz and flask-3.0.3-py3-none-any.whl which is vulnerable to CVE-2026-2391 and CVE-2026-27205.

Summary Maximo AI Service uses qs-6.14.1.tgz and flask-3.0.3-py3-none-any.whl which is vulnerable to CVE-2026-2391 and CVE-2026-27205. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-2391 DESCRIPTION: Summary The arrayLimit opti...

7.5CVSS6.4AI score0.00478EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/31 1:54 p.m.12 views

Security Bulletin: Maximo AI Service uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary Maximo AI Service uses wheel-0.41.3-py3-none-any.whl, orjson-3.10.14-cp311-cp311-manylinux217x8664.manylinux2014x8664.whl, pythonmultipart-0.0.21-py3-none-any.whl, pyasn1-0.6.1.tar.gz, sentencepiece-0.2.0-cp311-cp311-manylinux217x8664.manylinux2014x8664.whl, tar-7.4.3.tgz, tar-7.5.2.tgz...

8.6CVSS7.2AI score0.02228EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/31 12:56 p.m.5 views

Security Bulletin: Maximo AI Service uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary Maximo AI Service uses transformers-4.48.3-py3-none-any.whl, transformers-4.50.0-py3-none-any.whl, transformers-4.52.1-py3-none-any.whl, transformers-4.53.0-py3-none-any.whl, transformers-4.57.3-py3-none-any.whl, urllib3-1.26.19-py2.py3-none-any.whl, urllib3-2.1.0-py3-none-any.whl,...

7.8CVSS7.7AI score0.00315EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/31 12:54 p.m.5 views

Security Bulletin: Maximo AI Service uses werkzeug-3.1.4-py3-none-any.whl, filelock-3.20.1-py3-none-any.whl which is vulnerable to CVE-2026-21860 and CVE-2026-22701.

Summary Maximo AI Service uses werkzeug-3.1.4-py3-none-any.whl, filelock-3.20.1-py3-none-any.whl which is vulnerable to CVE-2026-21860 and CVE-2026-22701. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-22701 DESCRIPTION: filelo...

6.3CVSS5.8AI score0.00424EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/02 4:24 a.m.14 views

Security Bulletin: The IBM Maximo Application Suite AI-Service component uses multiple third-party dependencies that contain vulnerabilities associated with multiple CVEs.

Summary The IBM Maximo Application Suite AI-Service component uses"langchaincore-0.3.29-py3-none-any.whl, langchaincore-0.3.80-py3-none-any.whl, jsonpath-plus-8.1.0.tgz, mlflow-2.19.0-py3-none-any.whl, pg8000-1.31.2-py3-none-any.whl" which are vulnerable to "CVE-2025-68664, CVE-2024-21534,...

9.8CVSS6.7AI score0.27133EPSS
Exploits16Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/02 4:22 a.m.10 views

Security Bulletin: The IBM Maximo Application Suite AI-Service component uses multiple third-party dependencies that contain vulnerabilities associated with multiple CVEs.

Summary The IBM Maximo Application Suite AI-Service component uses "FlaskCors-4.0.2-py2.py3-none-any.whl, langchaincommunity-0.3.3-py3-none-any.whl, langchaincore-0.3.29-py3-none-any.whl, langchaintextsplitters-0.3.5-py3-none-any.whl, pdfminersix-20250327-py3-none-any.whl,...

8.7CVSS6.2AI score0.01531EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/29 4:20 a.m.7 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Insufficiently Random Values vulnerability in form-data.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Insufficiently Random Values vulnerability in form-data.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of Insufficiently...

9.4CVSS5.4AI score0.01735EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/28 5:54 a.m.7 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

6.3CVSS6.5AI score0.0043EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/28 5:44 a.m.7 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Improper Resource Shutdown or Release vulnerability to the made you reset the attack.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Improper Resource Shutdown or Release vulnerability to the made you reset the attack.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-48989...

7.5CVSS6.4AI score0.03389EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/23 12:42 p.m.4 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses vulnerable huggingface/transformers library.

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses vulnerable huggingface/transformers library. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-1194 DESCRIPTION: A Regular Expression Denial of...

6.5CVSS6.2AI score0.00384EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/23 7:25 a.m.12 views

Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Nimbus JOSE+JWT library which is vulnerable to CVE-2025-53864

Summary Security Bulletin: IBM Maximo Application Suite Ai-Service Component uses Nimbus JOSE+JWT library which is vulnerable to CVE-2025-53864. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbu...

5.8CVSS7AI score0.00806EPSS
Exploits0Affected Software1
Rows per page
Query Builder