Security Bulletin: IBM watsonx.data integration (Data Observability) is vulnerable to node-forge-1.3.1.tgz due to CVE-2025-12816 ( CVE number(s) )

Summary An interpretation-conflict CWE-436 vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security...

Security Bulletin: IBM watsonx.data integration has several vulnerabilities due to open source packages (CVE-2025-62727, CVE-2025-58754)

Summary Open source packages are used as part of the overall processing in IBM watsonx.data integration. Vulnerability Details CVEID:CVE-2025-62727 DESCRIPTION: Starlette is a lightweight ASGI framework/toolkit. Starting in version 0.39.0 and prior to version 0.49.1 , an unauthenticated attacker...