Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-42264)

Summary IBM Security SOAR uses an older version of the Axios component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.10.0 Vulnerability Details CVEID:CVE-2026-42264 DESCRIPTION: Axios i...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-40175)

Summary IBM Security SOAR uses an older version of the Axios component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.10.0 Vulnerability Details CVEID:CVE-2026-40175 DESCRIPTION: Axios i...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-2950)

Summary IBM Security SOAR uses an older version of the Lodash component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.10.0 Vulnerability Details CVEID:CVE-2026-2950 DESCRIPTION: Impact:...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2024-11079)

Summary IBM Security SOAR uses an older version of the Ansible-Core component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.10.0 Vulnerability Details CVEID:CVE-2024-11079 DESCRIPTION: ...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-27601)

Summary IBM Security SOAR uses an older version of the Underscore.js component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.2 Vulnerability Details CVEID:CVE-2026-27601 DESCRIPTION:...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-15599)

Summary IBM Security SOAR uses an older version of the DOMPurify component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.2 Vulnerability Details CVEID:CVE-2025-15599 DESCRIPTION:...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-27903)

Summary IBM Security SOAR uses an older version of the minimatch component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.1 Vulnerability Details CVEID:CVE-2026-27903 DESCRIPTION:...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-26996)

Summary IBM Security SOAR uses an older version of the minimatch component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.1 Vulnerability Details CVEID:CVE-2026-26996 DESCRIPTION:...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-13465)

Summary IBM Security SOAR uses an older version of the Lodash component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.0 Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-24001)

Summary IBM Security SOAR uses an older version of the jsdiff component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.0 Vulnerability Details CVEID:CVE-2026-24001 DESCRIPTION: jsdiff ...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-1188)

Summary IBM Security SOAR uses an older version of the OMR component in OpenJ9 JVM that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.0 Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTIO...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-57352)

Summary IBM Security SOAR uses an older version of min-document that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended customers upgrade to version 51.0.8.1 or later. Vulnerability Details CVEID:CVE-2025-57352 DESCRIPTION...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-9670)

Summary IBM Security SOAR uses an older version of the turndown javascript module that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.8.0 Vulnerability Details CVEID:CVE-2025-9670 DESCRIPTION...

Security Bulletin: Due to the use of Swagger UI, IBM Security SOAR is vulnerable to spoofing attacks..

Summary IBM Security SOAR uses Swagger-UI internally. CVE-2025-25031 Vulnerability Details CVEID:CVE-2018-25031 DESCRIPTION: Swagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-7783)

Summary IBM Security SOAR uses an older version of the form-data javascript module that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.7.1 Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTIO...

Security Bulletin: Due to use of Java SE, IBM Security SOAR is affected by unspecified vulnerabilities (CVE-2025-50106, CVE-2025-30749, CVE-2025-30761 & CVE-2025-30754)

Summary IBM Security SOAR uses Java SE library internally. Vulnerability Details CVEID:CVE-2025-50106 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracl...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-5889)

Summary IBM Security SOAR uses an older version of brace-expansion that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended customers upgrade to version 51.0.7.1 or later. Vulnerability Details CVEID:CVE-2025-5889...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-58754)

Summary IBM Security SOAR uses an older version of axios that may be identified and exploited. Updates for supported versions have been released which address this issue. Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. When...

EUVD-2021-16259

Malware in sbrugna...

EUVD-2024-41549

Malicious code in bioql PyPI...