Security Bulletin: IBM Langflow Desktop Axios Denial of Service

Summary Axios is used by IBM Langflow Desktop as part of its HTTP communication functionality in Node.js environments, enabling it to send and receive network requests to external services and APIs. A vulnerability in Axios affects how data: scheme URLs are handled by its Node.js HTTP adapter,...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-58754)

Summary IBM Security SOAR uses an older version of axios that may be identified and exploited. Updates for supported versions have been released which address this issue. Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. When...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 2.0.3

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 2.0.3 Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to...