Security Bulletin: Multiple vulnerabilities affect IBM® Semeru Runtime (CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925, CVE-2026-1188)

Summary This bulletin for IBM Semeru Runtime covers all applicable Java SE CVEs published by OpenJDK as part of their January 2026 Vulnerability Advisory, plus CVE-2026-1188. For more information please refer to OpenJDK's January 2026 Vulnerability Advisory and the CVE links below. Vulnerability...

USN-7900-1: CRaC JDK 17 vulnerabilities

Jinfeng Guo discovered that the Security component of CRaC JDK 17 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JA...

AlmaLinux 9 : java-17-openjdk (ALSA-2025:3852)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:3852 advisory. JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling CVE-2025-30698...