CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/02/03 12:0 a.m.•2 views

OPENSUSE-SU-2026:10134-1 java-17-openj9-17.0.18.0-1.1 on GA media

These are all security issues fixed in the java-17-openj9-17.0.18.0-1.1 package on the GA media of openSUSE Tumbleweed...

6.1CVSS5.8AI score0.00055EPSS

RedHat Linux•added 2026/02/02 8:20 p.m.•0 views

openjdk: Improve JMX connections (Oracle CPU 2026-01)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and...

4.8CVSS5.8AI score0.00055EPSS

RedHat Linux•added 2026/02/02 8:20 p.m.•5 views

Important: Red Hat Security Advisory: OpenJDK 25.0.2 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

7.5CVSS6.3AI score0.00089EPSS

RedHat Linux•added 2026/02/02 8:20 p.m.•2 views

openjdk: Improve HttpServer Request handling (Oracle CPU 2026-01)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17...

6.1CVSS5.8AI score0.00016EPSS

RedHat Linux•added 2026/02/02 8:20 p.m.•3 views

openjdk: Enhance Handling of URIs (Oracle CPU 2026-01)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: AWT, JavaFX. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17...

7.4CVSS5.9AI score0.00056EPSS

RedHat Linux•added 2026/02/02 8:20 p.m.•2 views

openjdk: Enhance Certificate Checking (Oracle CPU 2026-01)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 an...

7.5CVSS5.9AI score0.00089EPSS

IBM Security Bulletins•added 2026/02/02 6:37 p.m.•5 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in yawkat LZ4 Java

Summary Multiple vulnerabilities in yawkat LZ4 Java that is used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2025-12183 DESCRIPTION: Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and...

8.8CVSS7.4AI score0.00103EPSS

IBM Security Bulletins•added 2026/02/02 2:8 p.m.•6 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Service Registry and Repository due to January 2026 CPU

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, used by WebSphere Service Registry and Repository. These issues were disclosed as part of the IBM Java SDK updates in January 2026. These issues are addressed by WebSphere Application Server shipped with WebSphere...

5.3AI score

IBM Security Bulletins•added 2026/02/02 12:48 p.m.•8 views

Security Bulletin: There is a vulnerability in lz4-java-1.8.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-66566)

Summary There is a vulnerability in lz4-java-1.8.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-66566 DESCRIPTION: yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based...

8.2CVSS5.7AI score0.00066EPSS

IBM Security Bulletins•added 2026/02/02 12:5 p.m.•9 views

Security Bulletin: There is a vulnerability in lz4-java-1.7.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-12183)

Summary There is a vulnerability in lz4-java-1.7.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-12183 DESCRIPTION: Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of...

8.8CVSS5.5AI score0.00103EPSS

Tenable Nessus•added 2026/02/02 12:0 a.m.•4 views

Keycloak < 26.4.4 Debug Mode JDWP Port Exposure (CVE-2025-11538)

The version of Keycloak installed on the remote host is prior to 26.4.4. It is, therefore, affected by a Port Exposure vulnerability: - A vulnerability exists in Keycloak's server distribution where enabling debug mode --debug insecurely defaults to binding the Java Debug Wire Protocol JDWP port ...

6.8CVSS6.4AI score0.00013EPSS

OpenVAS•added 2026/02/02 12:0 a.m.•3 views

Fedora: Security Advisory (FEDORA-2026-5c70cd99f4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4AI score