Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to insufficient validation in url.Parse [CVE-2026-25679]

Summary IBM Watson Speech Services Cartridge is vulnerable to insufficient validation in url.Parse, which may cause acceptance of some invalid URLs CVE-2026-25679. url.Parse is used in our speech utilities. This vulnerabilitiy has been addressed. Please read the details for remediation below...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a path traversal vulnerability in ONNX [CVE-2026-27489]

Summary BM Watson Speech Services Cartridge is vulnerable to a path traversal vulnerability in ONNX due to an issue in symlink that allows the package to read arbitrary files outside model or user-provided directory CVE-2026-27489. ONNX is used in our speech runtimes. This vulnerabilitiy has been...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to Inefficient Algorithmic Complexity in crypto/x509 [CVE-2025-58187]

Summary IBM Watson Speech Services Cartridge is vulnerable to Inefficient Algorithmic Complexity in crypto/x509, due to non-linear processing time of some inputs scale with respect to the size of the certificate CVE-2025-58187. Crypto/x509 is used in our speech utilities. This vulnerabilitiy has...

CVE-2025-36187

IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5,1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a template injection vulnerability in LangChain [CVE-2025-65106]

Summary BM Watson Speech Services Cartridge is vulnerable to a template injection vulnerability in LangChain, due to a defect existing in LangChain's prompt template system that allows attackers to access Python object internals through template syntax CVE-2025-65106. LangChain is used in our...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a path traversal vulnerability in protobuf [CVE-2025-47273]

Summary IBM Watson Speech Services Cartridge is vulnerable to a path traversal vulnerability in Chuck-protobuf, due to a flaw in setuptoolsPackageIndex CVE-2025-47273. Protobuf is used in our speech service runtimes. This vulnerabilitiy has been addressed. Please read the details for remediation...

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in jinja2-3.1.5-py3-none-any.whl

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of jinja2-3.1.5-py3-none-any.whl Vulnerability Details CVEID:CVE-2025-27516 DESCRIPTION: Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr...

cartridge (>=1.0.0b1 <=1.3.1), cartridge-braintree (>=1.2.1 <=1.2.2) +4 more potentially affected by CVE-2025-50481 via mezzanine (>=3.1.10 <=6.0.0)

mezzanine PYPI version =3.1.10, =1.0.0b1, =1.2.1, =0.0.1, =0.1.0a1, =0.1.0b1, =0.4.1, =0.4.4 Source cves: CVE-2025-50481 Source advisory: OSV:GHSA-269J-37WW-CMH3...

cartridge (>=1.0.0b1 <=1.3.1) potentially affected by CVE-2025-50481 via mezzanine (=5.1.4)

mezzanine PYPI version =5.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on mezzanine and may be impacted: - cartridge =1.0.0b1, =1.3.1 Source cves: CVE-2025-50481 Source advisory: OSV:PYSEC-2025-137...

cartridge (>=1.0.0b1 <=1.3.1), cartridge-braintree (>=1.2.1 <=1.2.2) +4 more potentially affected by CVE-2025-6050 via mezzanine (>=3.1.10 <=6.0.0)

mezzanine PYPI version =3.1.10, =1.0.0b1, =1.2.1, =0.0.1, =0.1.0a1, =0.1.0b1, =0.4.1, =0.4.4 Source cves: CVE-2025-6050 Source advisory: OSV:GHSA-7PR5-W74R-JJJ7...

cartridge (>=1.0.0b1 <=1.3.1), cartridge-braintree (>=1.2.1 <=1.2.2) +4 more potentially affected by CVE-2025-29573 via mezzanine (>=3.1.10 <=6.0.0)

mezzanine PYPI version =3.1.10, =1.0.0b1, =1.2.1, =0.0.1, =0.1.0a1, =0.1.0b1, =0.4.1, =0.4.4 Source cves: CVE-2025-29573 Source advisory: OSV:GHSA-2544-HPCQ-6G27...

cartridge (>=1.0.0b1 <=1.3.1), cartridge-braintree (>=1.2.1 <=1.2.2) +4 more potentially affected by CVE-2025-29573 via mezzanine (>=3.1.10 <=6.0.0)

mezzanine PYPI version =3.1.10, =1.0.0b1, =1.2.1, =0.0.1, =0.1.0a1, =0.1.0b1, =0.4.1, =0.4.4 Source cves: CVE-2025-29573 Source advisory: SNYK:PYTHON-MEZZANINE-10074181...

cartridge (>=1.0.0b1 <=1.3.1) potentially affected by CVE-2025-29573 via mezzanine (=5.1.4)

mezzanine PYPI version =5.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on mezzanine and may be impacted: - cartridge =1.0.0b1, =1.3.1 Source cves: CVE-2025-29573 Source advisory: OSV:PYSEC-2025-136...

Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to Remote Code Execution and/or Information disclosure and/or malicious content in Apache Tomcat [CVE-2025-24813]

Summary IBM Watson Speech Services Cartridge is vulnerable to Remote Code Execution and/or Information disclosure and/or malicious content in Apache Tomcat, due to a Path Equivalence issue with 'file.Name' Internal Dot CVE-2025-24813. Apache Tomcat is used in our Speech microservices. This...

Security Bulletin: IBM Watson Speech Services Cartridge v4.8.7 is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge v4.8.7 is vulnerable to multiple Operator package issues. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for remediation below...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in PyTorch [CVE-2024-31580]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in PyTorch, caused by a heap-based buffer overflow in the /runtime/varargfunctions.cpp component CVE-2024-31580. PyTorch is used by our Speech Service runtimes. This vulnerabilitiy has bee...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution in pypa/setuptools [CVE-2024-6345]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution in pypa/setuptools , caused by an error in the packageindex module. CVE-2024-6345. pypa/setuptools is used by our Speech Service runtimes. This vulnerabilitiy has been addressed...

CVE-2024-49353

CVE-2024-49353 affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data versions 4.0.0–5.0.2. The root cause is improper input validation on resources used concurrently, introducing a race condition that can drive the system into unexpected states and potentially a crash. IBM’s bul...

CVE-2024-49353 IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data denial of service

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data 4.0.0 through 5.0.2 does not properly check inputs to resources that are used concurrently, which might lead to unexpected states, possibly resulting in a crash...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in TensorFlow [CVE-2023-33976]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in TensorFlow, caused by a a segfault when not given a rank 2 tensor in the arrayops.upperbound function CVE-2023-33976. TensorFlow is used by our Speech Service runtimes. This...