EUVD-2026-16690

A vulnerability has been found in OpenBMB XAgent 1.0.0. This affects the function ReplayServer.onconnect/ReplayServer.senddata of the file XAgentServer/application/websockets/replayer.py of the component WebSocket Endpoint. Such manipulation of the argument interactionid leads to authorization...

CVE-2026-4958

A vulnerability has been found in OpenBMB XAgent 1.0.0. This affects the function ReplayServer.onconnect/ReplayServer.senddata of the file XAgentServer/application/websockets/replayer.py of the component WebSocket Endpoint. Such manipulation of the argument interactionid leads to authorization...

CVE-2026-4958

OpenBMB XAgent 1.0.0 contains a vulnerability in ReplayServer.on_connect/ReplayServer.send_data (XAgentServer/application/websockets/replayer.py, WebSocket Endpoint) where manipulating the interaction_id can bypass authorization. The incident is remotely exploitable and is described as highly com...

CVE-2026-4958 OpenBMB XAgent WebSocket Endpoint replayer.py ReplayServer.send_data authorization

A vulnerability has been found in OpenBMB XAgent 1.0.0. This affects the function ReplayServer.onconnect/ReplayServer.senddata of the file XAgentServer/application/websockets/replayer.py of the component WebSocket Endpoint. Such manipulation of the argument interactionid leads to authorization...

EUVD-2016-6902

Malware in sbrugna...

Security Bulletin: IBM Tealeaf Customer Experience Replay Server internal proxy accepts connections from external sources (CVE-2016-5968)

Summary The internal HTTP proxy server deployed as part of the IBM Tealeaf Customer Experience Replay Server accepts requests from any network host, not only from local renderers. Vulnerability Details CVEID: CVE-2016-5968 DESCRIPTION: IBM Tealeaf Replay Server allows remote attackers to use one ...

Security Bulletins for IBM Tealeaf Customer Experience offerings

Abstract Support for IBM Tealeaf Customer Experience offerings is found in the IBM Client Success Portal at https://support.ibmcloud.com/, which requires login. For your convenience, Security Bulletins for IBM Tealeaf Customer Experience offerings are listed here, most recent at top, and do not...

CVE-2015-4987

The search and replay servers in IBM Tealeaf Customer Experience 8.0 through 9.0.2 allow remote attackers to bypass authentication via unspecified vectors. IBM X-Force ID: 105896...

CVE-2016-5968

The Replay Server in IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0 and 9.0.1 before 9.0.1.1117 FP5, 9.0.1A before 9.0.1.5108 FP5, 9.0.2 before 9.0.2.1223 FP3, and 9.0.2A before 9.0.2.5224 FP3 allows remote attackers to conduct SSRF attacks via...

Unspecified Vulnerability in IBM Tealeaf Customer Experience Replay Serve

IBM Tealeaf Customer Experience is a SaaS Software-as-a-Service based analytics solution for web and mobile applications from IBM, USA. The solution helps clients improve the overall user experience by analyzing and understanding data, and supports the adoption of advanced user interfaces for ric...

CVE-2015-4988

Directory traversal vulnerability in the replay server in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows remote attackers to read arbitrary fil...