Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ Technology Edition shipped with IBM Tivoli Monitoring.

Summary Multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring ITM components. CVE-2026-22016, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-34268 and CVE-2026-22007 Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION:...

Security Bulletin: Multiple vulnerabilities within WebSphere Application Server, affect IBM Tivoli Monitoring.

Summary Multiple vulnerabilities within WebSphere Application Server which is included as part of IBM Tivoli Monitoring ITM portal server have been addressed. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server...

Security Bulletin: Due to the use of IBM Tivoli Monitoring and IBM Db2, IBM Cloud Pak System is affected by multiple vulnerabilities

Summary IBM Tivoli Monitoring code execution and IBM Db2 vulnerabilities have been found in IBM Tivoli Monitoring shipped with IBM Cloud Pak System IBM Tivoli MonitoringITM patternType itm pType, and IBM Cloud Pak System DB2 pattern type db2 pType shipped with Cloud Pak System. Vulnerabilities we...

Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus

Summary Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus probes and/or gateways have been addressed. Vulnerability Details CVEID:CVE-2026-21933 DESCRIPTION: Java SE could allow a remote attacker to bypass security controls and...

Security Bulletin: Multiple security vulnerabilities has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI - April 2026 Java CPU

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about security vulnerabilities affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager (CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925))

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition used by IBM Tivoli System Automation Application Manager. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that...

Security Bulletin: Due to the use of Perl, IBM Tivoli Network Manager IP Edition (ITNM) is affected by vulnerable version of Zlib within Perl.

Summary Perl is used by IBM Tivoli Network Manager IP Edition ITNM for core agents processing, collectors and general tooling CVE-2026-4176. Vulnerability Details CVEID:CVE-2026-4176 DESCRIPTION: Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9...

Security Bulletin: IBM Tivoli Application Dependency Discovery Manager affected by multiple vulnerabilities due to IBM Java and its runtime

Summary IBM Tivoli Application Dependency Discovery Manager is vulnerable to denial of service due to use of IBM Java and runtimes CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925 Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service,...

Security Bulletin: Multiple vulnerabilities in IBM Tivoli Network Configuration Manager IP Edition (ITNCM)

Summary Multiple vulnerabilities were addressed in ITNCM version 6.4.2 Fix Pack 24 6.4.2.24 Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even...

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server, which impacts IBM Tivoli Netcool Configuration Manager

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager version 6.4.2. Multiple vulnerabilities were addressed in IBM WebSphere Application Server CVE-2024-29371,CVE-2025-13333. Vulnerability Details Refer to the security bulletins listed in the...

IBM Tivoli Netcool Impact Log Information Disclosure Vulnerability

IBM Tivoli Netcool Impact is a suite of network management software from International Business Machines IBM. The software has the ability to automate business-critical functions and provide a platform that provides unified access to real-time data, events and indicators. IBM Tivoli Netcool Impac...

Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to cross-site scripting due to IBM WebSphere Application Server Liberty (CVE-2025-12635)

Summary IBM WebSphere Application Server Liberty is shipped with IBM Tivoli Netcool Impact as part of its server infrastructure. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details...

Security Bulletin: Multiple vulnerabilities in IBM SDK, Java technology affect IBM Tivoli Composite Application Manager for Transactions (Response Time)

Summary IBM SDK, Java Technology Edition is used by IBM Tivoli Composite Application Manager for Transactions Response Time Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high...

Security Bulletin: Due to the use of IBM WebSphere Application Server, IBM Tivoli Network Manager (ITNM) IP Edition is affected by vulnerability (CVE-2024-29371)

Summary WebSphere Application Server, used by IBM Tivoli Network Manager ITNM IP Edition, is affected by a denial of service due to jose4j CVE-2024-29371. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products...

Security Bulletin: Multiple vulnerabilities in IBM SDK, Java technology affect IBM Tivoli Composite Application Manager for Transactions (Response Time)

Summary IBM SDK, Java Technology Edition is used by IBM Tivoli Composite Application Manager for Transactions Response Time Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names of all...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager and IBM Tivoli Netcool Impact

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager and IBM Tivoli Netcool Impact. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details...

Security Bulletin: Vulnerabilities Addressed in IBM Tivoli Network Manager IP Edition (ITNM) version 4.2 Fix Pack 24 (4.2.0.24)

Summary Multiple vulnerabilities were addressed in ITNM version 4.2 Fix Pack 24 4.2.0.24 Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause a denial of service via a deeply nested JSO...

CVE-2026-4788

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user...

Security Bulletin: Due to the use of WebSphere Application Server Liberty, IBM Tivoli Application Dependency Discovery Manager is vulnerable to cross-site scripting and arbitrary code execution

Summary IBM Tivoli Application Dependency Discovery Manager bundles WebSphere Application Server Liberty, vulnerabilities have been remediated in an efix Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty...

EUVD-2026-20028

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user...