Important: Red Hat Security Advisory: java-21-ibm-semeru-certified-jdk security update

An update for java-21-ibm-semeru-certified-jdk is now available for Red Hat Enterprise Linux 10.0 Extended Update Support, Red Hat Enterprise Linux 10, and Red Hat Enterprise Linux 10.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Importan...

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.23 LTS and 13.1.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to loss of confidentiality (CVE-2025-62718)

Summary Node.js module axios is used by IBM App Connect Enterprise Certified Container for HTTP communications. IBM App Connect Enterprise Certified Container operands are vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported vulnerability in...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to loss of confidentiality, denial of service and cross-site scripting

Summary IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to loss of confidentiality CVE-2026-41238, CVE-2026-41239, CVE-2026-41240, GHSA-39q2-94rc-95cp, denial of service CVE-2026-33151, CVE-2026-32288 and cross-site scripting CVE-2026-27142. This bulletin...

Security Bulletin: IBM App Connect Enterprise Certified Container operator and IntegrationRuntime & IntegrationServer operands are vulnerable to loss of confidentiality (CVE-2026-27137) and denial of service (CVE-2026-27138)

Summary IBM App Connect Enterprise Certified Container operator and IntegrationRuntime & IntegrationServer operands are vulnerable to loss of confidentiality CVE-2026-27137 and denial of service CVE-2026-27138. This bulletin provides patch information to address the reported vulnerability in Gola...

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to remote code execution (CVE-2026-29063)

Summary IBM App Connect Enterprise Certified Container operands are vulnerable to remote code execution. This bulletin provides patch information to address the reported vulnerability in node.js module immutable CVE-2026-29063 Vulnerability Details CVEID:CVE-2026-29063 DESCRIPTION: Immutable.js...

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to loss of confidentiality (CVE-2025-64718)

Summary Node.js module js-yaml is used by IBM App Connect Enterprise Certified Container for parsing YAML data. IBM App Connect Enterprise Certified Container operands are vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported vulnerability in...

Security Bulletin: IBM App Connect Enterprise Certified Container is vulnerable to cross-site scripting (CVE-2026-25896)

Summary Node.js module fast-xml-parser is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container operands are vulnerable to cross-site scripting. This bulletin provides patch information to address the reported vulnerability in Node.js module...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to remote code execution (CVE-2026-27212)

Summary Node.js module swipper is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to remote code execution. This bulletin provides patch information to address the reported vulnerability in Node.js...

Security Bulletin: IBM App Connect Enterprise Certified Container is vulnerable to loss of confidentiality (CVE-2025-68121)

Summary IBM App Connect Enterprise Certified Container operator and DesignerAuthoring, IntegrationRuntime and IntegrationServer operands are vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported vulnerability in Golang module crypto/tls...

Beyond the Badge: What Achieving Microsoft’s Certified Software Designation Means for Your Cloud Security

Verified by Microsoft. Built for Azure. Secured by Wiz...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to arbitrary code execution (GHSA-5c6j-r48x-rmvq)

Summary Node.js module serialize-javascript is used by IBM App Connect Enterprise Certified Container DesignerAuthoring operands. DesignerAuthoring operands are vulnerable to arbitrary code execution. This bulletin provides patch information to address the reported vulnerability in Node.js module...

CVE-2025-36105

IBM Planning Analytics Advanced Certified Containers 3.1.0 through 3.1.4 could allow a local privileged user to obtain sensitive information from environment variables...

CVE-2025-36105 IBM Planning Analytics Advanced Certified Containers is vulnerable to a sensitive information disclosure vulnerability

IBM Planning Analytics Advanced Certified Containers 3.1.0 through 3.1.4 could allow a local privileged user to obtain sensitive information from environment variables...

IBM Planning Analytics Advanced Certified Containers 安全漏洞

IBM Planning Analytics Advanced Certified Containers is a containerized enterprise planning and analysis software deployment component provided by the American multinational company IBM. Versions 3.1.0 to 3.1.4 of IBM Planning Analytics Advanced Certified Containers contain security...

CVE-2025-13490

IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2‑r1 through 12.0.12.5‑r1 and 13.0.1.0‑r1 through 13.0.6.1‑r1, and LTS versions 12.0.12‑r1...

CVE-2025-13490

IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2‑r1 through 12.0.12.5‑r1 and 13.0.1.0‑r1 through 13.0.6.1‑r1, and LTS versions 12.0.12‑r1...

EUVD-2025-208249

IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2‑r1 through 12.0.12.5‑r1 and 13.0.1.0‑r1 through 13.0.6.1‑r1, and LTS versions 12.0.12‑r1...

CVE-2025-13490

CVE-2025-13490 affects IBM App Connect Operator CD versions 11.3.0–11.6.0, 12.1.0–12.20.0 and 12.0 LTS 12.0.0–12.0.20, plus IBM App Connect Enterprise Certified Containers operands CD 12.0.11.2‑r1–12.0.12.5‑r1 and 13.0.1.0‑r1–13.0.6.1‑r1 (and 12.0 LTS 12.0.12‑r1–12.0.12‑r20). The vulnerability is...

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.21 LTS and 12.21.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...