CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

362 matches found

IBM Security Bulletins•added 2026/06/15 10:14 a.m.•9 views

Security Bulletin: IBM Engineering Systems Design Rhapsody TestConductor was affected by CVE-2025-48924

Summary IBM Engineering Systems Design Rhapsody TestConductor was vulnerable to an uncontrolled recursion on very long inputs. This could cause components using Apache Commons Lang to stop. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache...

5.3CVSS6.2AI score0.02164EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/06/15 6:17 a.m.•4 views

Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2026-1605

Summary Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2026-1605, CVE-2026-1605 is a high-severity vulnerability in the Eclipse Jetty web server caused by improper resource management in the GzipHandler component. IBM Engineering Systems Design Rhapsody has resolve...

7.5CVSS5.2AI score0.00367EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/06/15 6:17 a.m.•3 views

Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2025-11143

Summary IBM Engineering Systems Design Rhapsody was affected by CVE-2025-11143. Although the vulnerability is generally rated low to medium severity due to the specific conditions required for exploitation, it can become more impactful in complex multi-layered architectures where consistent URL...

6.5CVSS6.8AI score0.00159EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/06/15 6:16 a.m.•5 views

Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925

Summary Security Bulletin: IBM Engineering Systems Design Rhapsody was using Older version of Java which as per Oracle's January 2026 Critical Patch Update, all affecting Oracle Java SE and related GraalVM runtimes. Collectively, they highlight weaknesses in how Java handles untrusted code,...

7.5CVSS6AI score0.00547EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/06/02 7:58 a.m.•5 views

Security Bulletin: IBM Engineering Systems Design Rhapsody TestConductor was affected by CVE-2012-5783, CVE-2012-6153

Summary IBM Engineering Systems Design Rhapsody TestConductor was vulnerable to man-in-the-middle attacks caused by not verifying that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate. This allows man-in-the-middle attacker...

5.8CVSS6.9AI score0.09254EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/03/16 11:4 a.m.•4 views

Security Bulletin: IBM Rhapsody Systems Engineering is using qs-6.14.0 which is vulnerable to CVE-2025-15284

Summary A security vulnerability was identified in the QS package used in our product. We have resolved the issue by updating to a non-vulnerable patched version to ensure the continued security and reliability of our application. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper...

6.3CVSS5.8AI score0.0041EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/03/16 11:3 a.m.•3 views

Security Bulletin: IBM Rhapsody Systems Engineering is using @modelcontextprotocol/sdk-1.15.0 which is vulnerable to CVE-2026-0621

Summary A security vulnerability was identified in the @modelcontextprotocol/sdk package used in our product. We have resolved the issue by updating to a non-vulnerable patched version to ensure the continued security and reliability of our application. Vulnerability Details CVEID:CVE-2026-0621...

8.7CVSS5.8AI score0.00399EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/03/16 10:58 a.m.•5 views

Security Bulletin: IBM Rhapsody Systems Engineering is using langchain-0.3.30 which is vulnerable to CVE-2025-68665

Summary A security vulnerability was identified in the Langchain OSS package used in our product. The issue has been resolved by removing the vulnerable package and all LangChain-related dependencies from the codebase. Vulnerability Details CVEID:CVE-2025-68665 DESCRIPTION: LangChain is a framewo...

9.1CVSS5.7AI score0.00746EPSS

Exploits0Affected Software1

CVE•added 2026/01/15 6:33 p.m.•10 views

CVE-2025-13845

CVE-2025-13845 affects Schneider Electric EcoStruxure Power Build Rapsody. The Red Hat/NVD entries and Schneider Electric communications describe a CWE-416 Use After Free vulnerability (also noted as a Double Free in some sources) that could allow remote code execution when an end user imports a ...

8.4CVSS7.8AI score0.00306EPSS

Exploits0References1Affected Software1

IBM Security Bulletins•added 2025/12/17 5:52 p.m.•13 views

Security Bulletin: IBM Rhapsody Systems Engineering is using next-15.4.7.tgz which is vulnerable to CVE-2025-55182

Summary A security vulnerability was identified in the Next.js package used in IBM Rhapsody Systems Engineering. The issue is resolved by updating to a non-vulnerable patched version to ensure the continued security and reliability of the product. Vulnerability Details CVEID:CVE-2025-55182...

10CVSS7.8AI score0.99562EPSS

Exploits370Affected Software1

IBM Security Bulletins•added 2025/11/06 10:56 a.m.•4 views

Security Bulletin: Due to use of Apache Commons Lang, IBM Engineering Systems Design Rhapsody is affected by an Uncontrolled Recursion vulnerability

Summary Apache Commons Lang is used internally by IBM Engineering Systems Design Rhapsody CVE-2025-48924 Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

5.3CVSS6.6AI score0.02164EPSS

Exploits0Affected Software1