Security Bulletin: IBM Automation Decision Services for Jan 2026- Multiple CVEs addressed

Summary IBM Automation Decision Services is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-7783...

EUVD-2025-18925

Malicious code in bioql PyPI...

io.quarkus/quarkus-vertx: Quarkus potential data leak

A data leak vulnerability has been discovered in the io.quarkus:quarkus-vertx package. This flaw can lead to information disclosure if a Vert.x context that has already been duplicated is subsequently duplicated again. In such a scenario, sensitive data residing within that context may be...

Exposure of Resource to Wrong Sphere

Overview io.vertx:vertx-core is a tool-kit for building reactive applications on the JVM. Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere via the duplicated context process. An attacker can access sensitive data from another transaction by triggering the...

CVE-2025-49574 Quarkus potential data leak when duplicating a duplicated context

Quarkus is a Cloud Native, Linux Container First framework for writing Java applications. In versions prior to 3.24.1, 3.20.2, and 3.15.6, there is a potential data leak when duplicating a duplicated context. Quarkus extensively uses the Vert.x duplicated context to implement context propagation...

Quarkus potentially leaks data when duplicating a duplicated context

Impact Vert.x 4.5.12 has changed the semantics of the duplication of duplicated context. Duplicated context is an object used to propagate data through a processing synchronous or asynchronous. Each "transaction" or "processing" runs on its own isolated duplicated context. Initially, duplicating ...

GHSA-9623-MJ7J-P9V4 Quarkus potentially leaks data when duplicating a duplicated context

Impact Vert.x 4.5.12 has changed the semantics of the duplication of duplicated context. Duplicated context is an object used to propagate data through a processing synchronous or asynchronous. Each "transaction" or "processing" runs on its own isolated duplicated context. Initially, duplicating ...

PT-2025-26642 · Quarkus · Quarkus

Name of the Vulnerable Software and Affected Versions: Quarkus versions prior to 3.24.0 Description: The issue is related to a potential data leak when duplicating a duplicated context in Quarkus, which extensively uses the Vert.x duplicated context to implement context propagation. This can caus...