Security Bulletin: IBM Edge Data Collector uses follow-redirects-1.15.11.tgz which is vulnerable to CVE-2026-40895

Summary IBM Edge Data Collector Component uses follow-redirects-1.15.11.tgz which is vulnerable to CVE-2026-40895. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects is an open source, drop-in replacement for...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses protobuf-4.21.12-cp37-abi3-manylinux2014_x86_64.whl and protobuf-4.25.7-cp37-abi3-manylinux2014_x86_64.whl which is vulnerable to CVE-2025-4565

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses protobuf-4.21.12-cp37-abi3-manylinux2014x8664.whl and protobuf-4.25.7-cp37-abi3-manylinux2014x8664.whl which is vulnerable to CVE-2025-4565.This bulletin contains information addressing the vulnerability. Vulnerabili...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses protobuf-4.25.3-cp37-abi3-manylinux2014_x86_64.whl, protobuf-6.33.4-cp39-abi3-manylinux2014_x86_64.whl which is vulnerable to CVE-2026-0994

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses Security Bulletin: IBM Maximo Application Suite - Monitor Component uses protobuf-4.25.3-cp37-abi3-manylinux2014x8664.whl, protobuf-6.33.4-cp39-abi3-manylinux2014x8664.whl which is vulnerable to CVE-2026-0994.This...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses pyasn1-0.6.2-py3-none-any.whl which is vulnerable to CVE-2026-30922

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses pyasn1-0.6.2-py3-none-any.whl which is vulnerable to CVE-2026-30922.This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-30922 DESCRIPTION: pyasn1 is a generic ASN.1...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses netty-codec-http2-4.2.10.Final.jar, netty-codec-http2-4.2.9.Final.jar which is vulnerable to CVE-2026-33871

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses netty-codec-http2-4.2.10.Final.jar, netty-codec-http2-4.2.9.Final.jar which is vulnerable to CVE-2026-33871.This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-33871...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses netty-codec-http-4.2.9.Final.jar which is vulnerable to CVE-2026-33870

Summary IBM Maximo Application Suite - Monitor Component uses netty-codec-http-4.2.9.Final.jar which is vulnerable to CVE-2026-33870.This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-33870 DESCRIPTION: Netty is an asynchronous, event-driven...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses uuid-7.0.3.tgz, uuid-9.0.1.tgz which is vulnerable to CVE-2026-41907

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses uuid-7.0.3.tgz, uuid-9.0.1.tgz which is vulnerable to CVE-2026-41907. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-41907 DESCRIPTION: uuid is for the creation ...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses uuid-7.0.3.tgz which is vulnerable to CVE-2026-41988

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses uuid-7.0.3.tgz which is vulnerable to CVE-2026-41988.This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-41988 DESCRIPTION: uuid before 14.0.0 can make unexpected...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-34073

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-34073.This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-34073 DESCRIPTION:...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses tornado-6.5.3-cp39-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl which is vulnerable to CVE-2026-31958

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses tornado-6.5.3-cp39-abi3-manylinux25x8664.manylinux1x8664.manylinux217x8664.manylinux2014x8664.whl which is vulnerable to CVE-2026-31958. This bulletin contains information addressing the vulnerability. Vulnerability...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses tornado-6.5.3-cp39-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl which is vulnerable to CVE-2026-35536

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses tornado-6.5.3-cp39-abi3-manylinux25x8664.manylinux1x8664.manylinux217x8664.manylinux2014x8664.whl which is vulnerable to CVE-2026-35536.This bulletin contains information addressing the vulnerability. Vulnerability...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses kafka-clients-3.9.1.jar which is vulnerable to CVE-2026-35554

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses kafka-clients-3.9.1.jar which is vulnerable to CVE-2026-35554.This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-35554 DESCRIPTION: A race condition in the Apache...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses path-to-regexp-0.1.12.tgz which is vulnerable to CVE-2026-4867

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses path-to-regexp-0.1.12.tgz which is vulnerable to CVE-2026-4867.This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-4867 DESCRIPTION: Impact: A bad regular expression ...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses axios-1.15.0.tgz which is vulnerable to CVE-2026-42264

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses axios-1.15.0.tgz which is vulnerable to CVE-2026-42264.This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-42264 DESCRIPTION: Axios is a promise based HTTP client for...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses axios-1.15.0.tgz which is vulnerable to CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses axios-1.15.0.tgz which is vulnerable to CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043,...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which was affected by identity spoofing which is vulnerable to CVE-2026-3621

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which was affected by identity spoofing which is vulnerable to CVE-2026-3621. This bulletin contains information addressing the vulnerability. Vulnerability Details...

Stateful Online Monitoring Catches Distributed Agent Attacks

Language models can find thousands of severe software vulnerabilities, and agents are increasingly being misused for cyberattacks. To avoid detection, attackers frequently distribute their misuse, splitting a harmful task across many user accounts so each individual transcript looks benign. Becau...

CVE-2025-71305

A flaw was found in the Linux kernel's DisplayPort Multi-Stream Transport MST subsystem. When a DisplayPort 2.1 monitor is disconnected, a timing issue can cause the Virtual Channel Packet Interval VCPI value to become zero. Subsequent operations attempting to use this zero value in a bit shift c...

ai-goofish-monitor 安全漏洞

ai-goofish-monitor is an AI-based multi-task real-time monitoring and web management tool developed by Usagi-org. There is a security vulnerability in ai-goofish-monitor. This vulnerability stems from the GET /api/prompts/filename endpoint in Windows deployments, which contains an unvalidated...

CVE-2026-46008

A flaw was found in the Linux kernel's Data Access MONitor DAMON subsystem. A race condition exists in the memory management component, specifically during the exit process of kdamondfn and the registration of damoswalk requests. This vulnerability allows a local attacker to trigger a deadlock,...