Security Bulletin: IBM Maximo Application Suite - Visual Inspection Component uses CodeMirror dependency which is vulnerable to CVE-2025-6493.

Summary IBM Maximo Application Suite - Visual Inspection Component uses CodeMirror dependency which is vulnerable to CVE-2025-6493. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2025-6493 DESCRIPTION: A weakness has been...

Security Bulletin: Multiple vulnerabilities that affect IBM Db2 Intelligence Center (CVE-2025-47913, CVE-2022-25927, CVE-2025-6493, CWE-400, CWE-1333, CVE-2025-14687

Summary Multiple vulnerabilties fixed with Db2 Intelligence Center 1.1.3. Vulnerability Details CVEID:CVE-2025-47913 DESCRIPTION: SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. CVSS Source: CISA ADP CVSS Base...

Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale Management GUI are now addressed in 5.2.3.5 and 6.0.0.0 (CVE-2025-6493)

Summary The following vulnerabilities, which may affect IBM Storage Scale when the Management GUI is configured and could lead to weaker-than-expected security, have been remediated in Storage Scale version 5.2.3.5 and later and 6.0.0.0 and later CVE-2025-6493 Vulnerability Details...

Malicious code in epic-angular-ui-codemirror (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 475aba8f9dc17e38dcf35a7e5607ccc07a0b4e095aa0957ee57fdc75d0d4ee8d The package epic-angular-ui-codemirror was found to contain malicious code...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 2.0.3

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 2.0.3 Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to...

UBUNTU-CVE-2025-6493

A weakness has been identified in CodeMirror up to 5.65.20. Affected is an unknown function of the file mode/markdown/markdown.js of the component Markdown Mode. This manipulation causes inefficient regular expression complexity. It is possible to initiate the attack remotely. The exploit has bee...

GHSA-4GW3-8F77-F72C Regular expression denial of service in codemirror

This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS...