Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-33532)

Summary IBM Security SOAR uses an older version of the YAML component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.2 Vulnerability Details CVEID:CVE-2026-33532 DESCRIPTION: yaml is a...

Security Bulletin: Due to use of Java SE, IBM Security SOAR is affected by unspecified vulnerabilities (CVE-2025-53066 & CVE-2025-53057)

Summary IBM Security SOAR uses Java SE library internally. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impact, no integrity impact, and no availability...

CVE-2024-45670

IBM Security SOAR 51.0.1.0 and earlier contains a mechanism for users to recover or change their passwords without knowing the original password, but the user account must be compromised prior to the weak recovery mechanism...

Cerebrate 跨站脚本漏洞

Cerebrate is an open source platform. Designed to act as an interconnected orchestrator for trusted contact information providers and other security tools, a security vulnerability exists in Cerebrate 1.4, which stems from the possibility of XSS occurring in the bookmark component. No detailed...