Lucene search
K

444 matches found

NVD
NVD
added 2026/06/30 8:17 p.m.6 views

CVE-2026-3602

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7 is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of...

5.5CVSS0.00183EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 7:19 p.m.33 views

CVE-2026-3602 IBM App Connect Enterprise and IBM Integration Bus for z/OS toolkit is vulnerable to an sql injection

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7 is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of...

4.7CVSS0.00183EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/30 7:19 p.m.6 views

EUVD-2026-40385

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7 is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of...

4.7CVSS5.9AI score0.00183EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 7:19 p.m.20 views

CVE-2026-3602

IBM App Connect Enterprise and IBM Integration Bus for z/OS toolkit are vulnerable to SQL injection (CWE-73). Affected: IBM App Connect Enterprise versions 13.0.1.0–13.0.7.2 and 12.0.1.0–12.0.12.26; IBM Integration Bus for z/OS 10.1.0.0–10.1.0.7. Root cause: external control of file name or path ...

5.5CVSS5.9AI score0.00183EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-53945

Name of the Vulnerable Software and Affected Versions IBM App Connect Enterprise versions 13.0.1.0 through 13.0.7.2 IBM App Connect Enterprise versions 12.0.1.0 through 12.0.12.26 IBM Integration Bus for z/OS versions 10.1.0.0 through 10.1.0.7 Description SQL injection allows a remote attacker to...

5.5CVSS6AI score0.00183EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 2:36 p.m.6 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to Out-of-bounds Write due to OpenSSL (CVE-2025-15467)

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS Database node users are vulnerable to Out-of-bounds Write due to OpenSSL. Vulnerability Details CVEID:CVE-2025-15467 DESCRIPTION: Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD...

9.8CVSS7.9AI score0.47621EPSS
Exploits7Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/29 11:20 a.m.6 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS toolkit is vulnerable to an sql injection (CVE-2026-3602)

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS toolkit is vulnerable to an sql injection. Vulnerability Details CVEID:CVE-2026-3602 DESCRIPTION: IBM App Connect Enterprise is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally...

5.5CVSS5.9AI score0.00183EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/22 3:39 p.m.10 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to multiple vulnerabilities due to IBM Java SDK

Summary There are multiple vulnerabilities in IBM Java SDK, Java Technology Edition used by IBM App Connect Enterprise and IBM Integration Bus for z/OS . Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access vi...

7.5CVSS7.2AI score0.00702EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/22 2:52 p.m.18 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to multiple vulnerabilities due to Apache Log4j ( CVE-2026-34477, CVE-2026-34478, CVE-2026-34479 & CVE-2026-34480 )

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to multiple vulnerabilities due to Apache Log4j. Vulnerability Details CVEID:CVE-2026-34477 DESCRIPTION: The fix for CVE-2025-68161 https://logging.apache.org/security.htmlCVE-2025-68161 was incomplete: it addresse...

7.5CVSS5.8AI score0.0086EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/19 8:1 a.m.20 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to a Denial of Service due to jackson-core ( WS-2026-0003 )

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS runtime and toolkit are vulnerable to a Denial of Service due to jackson-core. Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default:...

5.8AI score
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/14 2:9 p.m.14 views

Security Bulletin: IBM Integration Bus for z/OS is vulnerable to multiple vulnerabilities due to Apache Tomcat

Summary IBM Integration Bus for z/OS is vulnerable to multiple vulnerabilities due to Apache Tomcat. Vulnerability Details CVEID:CVE-2026-24880 DESCRIPTION: Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension...

9.1CVSS6AI score0.0504EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/11 9:5 a.m.10 views

Security Bulletin: IBM Integration Bus for z/OS webui is potentially vulnerable to an clickjacking attack ( CVE-2026-1353 )

Summary IBM Integration Bus for z/OS webui is potentially vulnerable to an clickjacking attack. Vulnerability Details CVEID:CVE-2026-1353 DESCRIPTION: IBM App Connect Enterprise could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious...

5.8AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/08 7:49 a.m.9 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to Directory Traversal due to plexus-utils (CVE-2025-67030)

Summary IBM App Connect Enterprise Toolkit and IBM Integration Bus for z/OS Toolkit are vulnerable to Directory Traversal due to plexus-utils. Vulnerability Details CVEID:CVE-2025-67030 DESCRIPTION: Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in...

8.8CVSS6.2AI score0.00663EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/20 5:1 p.m.10 views

Security Bulletin: IBM Integration Bus for z/OS is vulnerable to Improper Input Validation due to Apache Tomcat ( CVE-2026-24734 )

Summary IBM Integration Bus for z/OS is vulnerable to Improper Input Validation due to Apache Tomcat. Vulnerability Details CVEID:CVE-2026-24734 DESCRIPTION: Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native and Tomcat's FF...

7.5CVSS5.7AI score0.00498EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/26 4:45 p.m.15 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to multiple vulnerabilities due to IBM Java SDK (CVE-2026-21945,CVE-2026-21932,CVE-2026-21933 & CVE-2026-21925))

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to multiple vulnerabilities due to IBM Java SDK. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows...

7.5CVSS5.8AI score0.00864EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 5:23 p.m.12 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to Incorrect Calculation of Buffer Size due to IBM Java (CVE-2026-1188)

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to Incorrect Calculation of Buffer Size due to IBM Java. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual...

9.8CVSS5.8AI score0.00491EPSS
Exploits0Affected Software2
RedhatCVE
RedhatCVE
added 2026/01/09 9:27 a.m.17 views

CVE-2023-45176

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.10.0 and IBM Integration Bus 10.1 through 10.1.0.1 are vulnerable to a denial of service for integration nodes on Windows. IBM X-Force ID: 247998...

6.2CVSS6.4AI score0.00177EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/19 2:14 p.m.7 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to Improper Neutralization of Input Terminators due to Jakarta Mail (CVE-2025-7962)

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to Improper Neutralization of Input Terminators due to Jakarta Mail. Vulnerability Details CVEID:CVE-2025-7962 DESCRIPTION: In Jakarta Mail 2.0.2 it is possible to preform a SMTP Injection by utilizing the \r and \...

7.5CVSS6.8AI score0.00756EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/17 2:53 p.m.8 views

Security Bulletin: IBM App Connect Enterprise Toolkit and IBM Integration Bus for z/OS Toolkit are vulnerable to Uncontrolled Resource Consumption due to Apache Commons IO (CVE-2024-47554)

Summary IBM App Connect Enterprise Toolkit and IBM Integration Bus for z/OS Toolkit are vulnerable to Uncontrolled Resource Consumption due to Apache Commons IO. Vulnerability Details CVEID:CVE-2024-47554 DESCRIPTION: Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The...

4.3CVSS6.6AI score0.01241EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/26 12:11 p.m.5 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to Uncontrolled Recursion due to Apache Commons Lang ( CVE-2025-48924 )

Summary IBM App Connect Enterprise runtime and IBM Integration Bus for z/OS are vulnerable to Uncontrolled Recursion due to Apache Commons Lang. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons...

5.3CVSS6.5AI score0.02164EPSS
Exploits0Affected Software2
Rows per page
Query Builder