Security Bulletin: Investigation Assistant App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. Investigation Assistant App for IBM QRadar SIEM has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel i...

CVE-2026-44728

Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and...

Security Bulletin: A runtime-7.23.5.tgz vulnerability found by Scanner affects IBM Rational Functional Tester / DevOps Test UI

Summary There is a vulnerability in runtime-7.23.5.tgz used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel is a compiler for writing next generation JavaScript. When using...

Astra Linux - уязвимость в node-babel

Babel is a compiler for writing JavaScript code. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4, as well as all versions of babel-traverse, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, especially...

PT-2026-39295

Name of the Vulnerable Software and Affected Versions Babel versions 7.12.0 through 7.29.3 Babel versions 8.0.0-alpha.1 through 8.0.0-alpha.12 Description Compiling code specifically crafted by an attacker can cause the generation of output code that executes arbitrary code. This issue affects th...

Security Bulletin: A vulnerability in Babel affect IBM® Db2® Big SQL on IBM Cloud Pak for Data.

Summary A vulnerability in Babel prior to version 7.6.10 affect IBM® Db2® Big SQL 7 & 8 on IBM Cloud Pak for Data 4 & 5 Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and...

EUVD-2022-44961

Malicious code in bioql PyPI...

EUVD-2025-31206

Malicious code in bioql PyPI...

EUVD-2022-45947

Malicious code in bioql PyPI...

SUSE CVE-2025-11000

A vulnerability was determined in Open Babel up to 3.1.1. This affects the function PQSFormat::ReadMolecule of the file /src/formats/PQSformat.cpp. This manipulation causes null pointer dereference. The attack is restricted to local execution. The exploit has been publicly disclosed and may be...

CVE-2025-10998

A vulnerability has been found in Open Babel up to 3.1.1. The affected element is the function ChemKinFormat::ReadReactionQualifierLines of the file /src/formats/chemkinformat.cpp. The manipulation leads to null pointer dereference. The attack can only be performed from a local environment. The...

DEBIAN-CVE-2025-10996

A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and ma...

openbabel 代码问题漏洞

openbabel is a chemistry toolkit software from Open Babel open source. A code issue vulnerability exists in openbabel 3.1.1 and earlier versions, which stems from a null pointer dereference in function PQSFormat::ReadMolecule in file /src/formats/PQSformat.cpp, which could lead to a local executi...

Security Bulletin: Vulnerability in Babel affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Babel has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

Security Bulletin: Multiple vulnerabilities in python and babel runtime affect IBM DevOps Automation Code

Summary Python version 3.9.15, vulnerable to CVE-2023-27043, CVE-2024-3220 and babel version 7.27.7 vulnerable to CVE-2025-27789 are used inside DevOps Automation Code 1.0.1 containers. Vulnerability Details CVEID:CVE-2024-3220 DESCRIPTION: There is a defect in the CPython standard library module...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses runtime-7.27.0.tgz which is vulnerable to this CVE-2025-27789

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses runtime-7.27.0.tgz which is vulnerable to this CVE-2025-27789 Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel is a compiler for writing next generation JavaScript. When using versions of Babel...

Security Bulletin: IBM Cognos Analytics Mobile (Android) is affected by a vulnerability in Babel (CVE-2025-27789)

Summary There is a vulnerability in Babel/helpers and Babel/runtime consumed by IBM Cognos Analytics Mobile Android CVE-2025-27789. This Security Bulletin relates only to the direct usage of third-party components by IBM Cognos Analytics Mobile and not any nested dependencies within the product...

Security Bulletin: Using untrusted strings with .replace on Babel-compiled regex named capturing groups can lead to performance degradation, which affects IBM watsonx.data

Summary Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific...

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to runtime-7.24.8.tgz, runtime-7.26.0.tgz, runtime-7.26.9.tgz CVE-2025-27789

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to runtime-7.24.8.tgz, runtime-7.26.0.tgz, runtime-7.26.9.tgz CVE-2025-27789. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel is a compil...

Security Bulletin: IBM Maximo Application Suite uses runtime-7.20.13.tgz which is vulnerable to CVE-2025-27789.

Summary IBM Maximo Application Suite uses runtime-7.20.13.tgz which is vulnerable to CVE-2025-27789. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel is a compiler for writing next generation JavaScript...