Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses github.com/jackc/pgproto3/v2-v2.3.3 which is vulnerable to CVE-2026-4427

Summary IBM Maximo Application Suite - Visual Inspection component uses github.com/jackc/pgproto3/v2-v2.3.3 which is vulnerable to CVE-2026-4427, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-4427 DESCRIPTION: Rejected...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses node-forge-1.3.2.tgz, node-forge-1.3.3.tgz which is vulnerable to CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896

Summary IBM Maximo Application Suite - Visual Inspection component uses node-forge-1.3.2.tgz, node-forge-1.3.3.tgz which is vulnerable to CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896 , This bulletin contains information regarding the vulnerability and its remediation...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses flask-3.1.2-py3-none-any.whl which is vulnerable to CVE-2026-27205

Summary IBM Maximo Application Suite - Visual Inspection component uses flask-3.1.2-py3-none-any.whl which is vulnerable to CVE-2026-27205, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-27205 DESCRIPTION: Flask is a web...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.9.tgz which is vulnerable to CVE-2026-31802

Summary IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.9.tgz which is vulnerable to CVE-2026-31802, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-31802 DESCRIPTION: node-tar is a full-featured Tar...

Security Bulletin: IBM Maximo Application Suite uses Websphere Liberty v.25.0.0.12 which is vulnerable to CVE-2024-29371, CVE-2025-12635 and CVE-2025-14914.

Summary IBM Maximo Application Suite uses Websphere Liberty v.25.0.0.12 which is vulnerable to CVE-2024-29371, CVE-2025-12635 and CVE-2025-14914. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j befor...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses google.golang.org/protobuf-v1.30.0, google.golang.org/protobuf-v1.31.0 which is vulnerable to CVE-2024-24786

Summary IBM Maximo Application Suite - Visual Inspection component uses google.golang.org/protobuf-v1.30.0, google.golang.org/protobuf-v1.31.0 which is vulnerable to CVE-2024-24786, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details...

kernel: crypto: algif_aead - Revert to operating out-of-place

A flaw was found in the Linux kernel's algifaead cryptographic algorithm interface. An incorrect in-place operation causes source and destination data mappings to differ during cryptographic processing. A low-privileged local attacker can exploit this flaw to corrupt the contents of sensitive...

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate Developer Edition version 2.7.0 Vulnerability Details CVEID:CVE-2025-64756 DESCRIPTION: Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.2.tgz which is vulnerable to CVE-2026-24842

Summary IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.2.tgz which is vulnerable to CVE-2026-24842, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-24842 DESCRIPTION: node-tar,a Tar for Node.js,...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses Lodash which is vulnerable to CVE-2025-13465

Summary IBM Maximo Application Suite - Visual Inspection component uses Lodash which is vulnerable to CVE-2025-13465, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 a...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pyasn1 which is vulnerable to CVE-2026-30922

Summary IBM Maximo Application Suite - Visual Inspection component uses pyasn1 which is vulnerable to CVE-2026-30922, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-30922 DESCRIPTION: pyasn1 is a generic ASN.1 library for...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses black-26.1.0 which is vulnerable to CVE-2026-31900

Summary IBM Maximo Application Suite - Visual Inspection component uses black-26.1.0 which is vulnerable to CVE-2026-31900, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-31900 DESCRIPTION: Black is the uncompromising Pytho...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses xmldom which is vulnerable to CVE-2026-34601

Summary IBM Maximo Application Suite - Visual Inspection component uses xmldom which is vulnerable to CVE-2026-34601, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-34601 DESCRIPTION: xmldom is a pure JavaScript W3C...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/image-v0.18.0 which is vulnerable to CVE-2026-33809

Summary IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/image-v0.18.0 which is vulnerable to CVE-2026-33809, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-33809 DESCRIPTION: A maliciously craft...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses logback-core-1.5.21.jar which is vulnerable to CVE-2026-1225

Summary IBM Maximo Application Suite - Visual Inspection component uses logback-core-1.5.21.jar which is vulnerable to CVE-2026-1225, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability in...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses diff-8.0.2.tgz which is vulnerable to CVE-2026-24001

Summary IBM Maximo Application Suite - Visual Inspection component uses diff-8.0.2.tgz which is vulnerable to CVE-2026-24001, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-24001 DESCRIPTION: jsdiff is a JavaScript text...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses axios-1.13.5.tgz which is vulnerable to CVE-2025-62718 and CVE-2026-40175

Summary IBM Maximo Application Suite - Visual Inspection component uses axios-1.13.5.tgz which is vulnerable to CVE-2025-62718 and CVE-2026-40175, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-40175 DESCRIPTION: Axios is a...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.7.tgz which is vulnerable to CVE-2026-26960

Summary IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.7.tgz which is vulnerable to CVE-2026-26960 This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-26960 DESCRIPTION: node-tar is a full-featured Tar f...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses axios-1.12.1.tgz which is vulnerable to CVE-2026-25639

Summary IBM Maximo Application Suite - Visual Inspection component uses axios-1.12.1.tgz which is vulnerable to CVE-2026-25639, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-25639 DESCRIPTION: Axios is a promise based HTTP...

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Handlebars

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Handlebars. CVE-2026-33937, CVE-2026-33938, CVE-2026-33939, CVE-2026-33940, CVE-2026-33941 The vulnerabilities have been addressed. Vulnerability Details...