CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3410 matches found

CVE-2025-36221

IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication...

7.5CVSS5.5AI score0.00044EPSS

Exploits0References1

RedhatCVE•added yesterday•4 views

CVE-2026-3676

IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private 8.1.4 IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of the Fenced...

6.5CVSS5.4AI score0.00053EPSS

Exploits0References1

IBM Security Bulletins•added yesterday•9 views

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Axios

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Axios. CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042,...

10CVSS5.7AI score0.00202EPSS

Exploits12Affected Software2

IBM Security Bulletins•added 2026/05/28 12:49 a.m.•11 views

Security Bulletin: Due to the use of IBM Tivoli Monitoring and IBM Db2, IBM Cloud Pak System is affected by multiple vulnerabilities

Summary IBM Tivoli Monitoring code execution and IBM Db2 vulnerabilities have been found in IBM Tivoli Monitoring shipped with IBM Cloud Pak System IBM Tivoli MonitoringITM patternType itm pType, and IBM Cloud Pak System DB2 pattern type db2 pType shipped with Cloud Pak System. Vulnerabilities we...

10CVSS7.7AI score0.00944EPSS

Exploits9Affected Software1

CNNVD•added 2026/05/27 12:0 a.m.•9 views

IBM Cloud APM 安全漏洞

IBM Cloud APM is an application performance monitoring and operations analysis platform provided by the American multinational company IBM. There are security vulnerabilities in the IBM Cloud APM Base Private 8.1.4 version and the IBM Cloud APM Advanced Private 8.1.4 version. These vulnerabilitie...

6.5CVSS5.8AI score0.00053EPSS

Exploits0References1

NVD•added 2026/05/26 5:16 p.m.•8 views

CVE-2025-36221

7.5CVSS0.00044EPSS

Exploits0References1

Cvelist•added 2026/05/26 3:55 p.m.•33 views

CVE-2025-36221 Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.

5.3CVSS0.00044EPSS

Exploits0References1

IBM Security Bulletins•added 2026/05/26 6:40 a.m.•8 views

Security Bulletin: Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.

Summary Vulnerabilities exists in IBM Cloud Pak for Data System CPDS 1.0 - Cyclops addressed in 11.3.1.1. Vulnerability Details CVEID:CVE-2022-3219 DESCRIPTION: GnuPG can be made to spin on a relatively small input by for example crafting a public key with thousands of signatures attached,...

7.5CVSS5.4AI score0.00165EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2026/05/20 3:8 p.m.•8 views

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to vulnerability in Axios

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to vulnerability in Axios. CVE-2025-62718 The vulnerability have been addressed. Vulnerability Details CVEID:CVE-2025-62718 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.j...

9.9CVSS6.2AI score0.00069EPSS

Exploits1Affected Software2

IBM Security Bulletins•added 2026/05/18 9:45 a.m.•7 views

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to vulnerability in Axios

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to vulnerability in Axios. CVE-2026-40175 The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-40175 DESCRIPTION: Axios is a promise based HTTP client for the browser and...

4.8CVSS6.9AI score0.00063EPSS

Exploits5Affected Software2

IBM Security Bulletins•added 2026/05/14 2:58 p.m.•6 views

Security Bulletin: IBM Cloud Kubernetes is affected by a Linux kernel security vulnerability (CVE-2026-31431)

Summary IBM Cloud Kubernetes Service is affected by a vulnerability in the Linux kernel that could allow a local attacker to escalate their privileges CVE-2026-31431. Vulnerability Details CVEID : CVE-2026-31431 Description : In the Linux kernel, the following vulnerability has been resolved:...

7.8CVSS6.6AI score0.02235EPSS

Exploits226Affected Software1

IBM Security Bulletins•added 2026/05/14 2:58 p.m.•4 views

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Linux kernel security vulnerability (CVE-2026-31431)

Summary Red Hat OpenShift on IBM Cloud is affected by a vulnerability in the Linux kernel that could allow a local attacker to escalate their privileges CVE-2026-31431. Vulnerability Details CVEID : CVE-2026-31431 Description : In the Linux kernel, the following vulnerability has been resolved:...

7.8CVSS6.6AI score0.02235EPSS

Exploits226Affected Software1

IBM Security Bulletins•added 2026/05/13 6:27 p.m.•8 views

Security Bulletin: Multiple security vulnerabilities affecting IBM Knowledge Catalog for IBM Cloud Pak for Data

Summary Multiple security vulnerabilities impacting IBM Knowledge Catalog for IBM Cloud Pak for Data. These vulnerabilities have been addressed and customers should update to the recommended version of the product at the earliest opportunity. Vulnerability Details CVEID:CVE-2025-46392 DESCRIPTION...

8.8CVSS6.8AI score0.00883EPSS

Exploits6Affected Software1

IBM Security Bulletins•added 2026/05/08 6:21 a.m.•5 views

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Lodash

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Lodash. CVE-2026-2950, CVE-2026-4800 The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION: Impact: Lodash versions 4.17.23 and...

9.8CVSS6.8AI score0.00044EPSS

Exploits0Affected Software2

IBM Security Bulletins•added 2026/05/06 11:30 a.m.•16 views

Security Bulletin: Platform Navigator in IBM Cloud Pak for Integration is vulnerable to multiple vulnerabilities in undici

Summary Platform Navigator in IBM Cloud Pak for Integration is vulnerable to multiple vulnerabilities in undici CVE-2026-1525, CVE-2026-1526, CVE-2026-1527, CVE-2026-1528, CVE-2026-2229, CVE-2026-2581. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-1525 DESCRIPTION:...

9.8CVSS7AI score0.00175EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/20 12:5 p.m.•7 views

Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to multiple vulnerabilities in Node.js

Summary Automation Assets in IBM Cloud Pak for Integration is vulnerable to multiple vulnerabilities in Node.js and LangChain. CVE-2026-2359, CVE-2026-3304, CVE-2026-3520, CVE-2026-29063, CVE-2026-24001, CVE-2025-69873, CVE-2026-31808. The vulnerabilities have been addressed. Vulnerability Detail...

9.8CVSS5.9AI score0.0008EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2026/04/15 6:16 a.m.•5 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 2.0) - NULL Pointer Dereference in OpenSSL cryptography package

Summary IBM Cloud Pak for Data System CPDS 2.0 uses the Python cryptography package version 3.4.7, which depends on OpenSSL. CVE-2024-0727 affects OpenSSL's PKCS12 file processing functionality. A maliciously formatted PKCS12 file can cause a NULL pointer dereference, leading to application crash...

5.5CVSS6.7AI score0.00208EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/10 8:27 a.m.•3 views

Security Bulletin: Platform Navigator in IBM Cloud Pak for Integration is vulnerable to vulnerability in python_multipart

Summary Platform Navigator in IBM Cloud Pak for Integration is vulnerable to vulnerability in pythonmultipart. CVE-2026-24486 vulnerability has been addressed. Vulnerability Details CVEID:CVE-2026-24486 DESCRIPTION: Python-Multipart is a streaming multipart parser for Python. Prior to version...

8.6CVSS6.7AI score0.01021EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2026/04/01 10:35 a.m.•3 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by improper handling of Windows device names due to Werkzeug

Summary Werkzeug is used by IBM Cloud Pak for Data System 1.0 as a WSGI web application library. CVE-2025-66221 affects Werkzeug's handling of Windows device names, which could lead to improper resource handling and potential availability impact on Windows systems. This vulnerability relates to t...

6.3CVSS6.9AI score0.00032EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/04/01 10:8 a.m.•2 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by multiple vulnerabilities due to Werkzeug

Summary Werkzeug is used by IBM Cloud Pak for Data System 1.0 as a WSGI web application library. Multiple vulnerabilities affect Werkzeug. CVE-2024-49767 involves a resource exhaustion vulnerability in the multipart/form-data parser where a specifically crafted form submission can cause the parse...

7.5CVSS7.2AI score0.01392EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by