Security Bulletin: IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty (CVE-2025-14914, CVE-2025-12635)

Summary IBM SPSS Analytic Server is affected by multiple vulnerabilities in IBM WebSphere Application Server Liberty CVE-2025-14914, CVE-2025-12635. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-14914 DESCRIPTION: IBM WebSphere Application Server Liberty...

IBM WebSphere Application Server Liberty 信息泄露漏洞

IBM WebSphere Application Server Liberty is a Java application server developed by IBM, based on the Open Liberty project. Versions of IBM WebSphere Application Server Liberty 26.0.0.3 and earlier have a vulnerability related to privilege escalation, which may allow privileged users to gain...

IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.4 Privilege Escalation (7267345)

The version of IBM WebSphere Application Server Liberty running on the remote host is affected by a privilege escalation vulnerability as referenced in the 7267345 advisory. - IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is affected...

IBM WebSphere Application Server Liberty 代码问题漏洞

IBM WebSphere Application Server Liberty is a Java application server developed by IBM, based on the Open Liberty project. Versions of IBM WebSphere Application Server Liberty 26.0.0.3 and earlier contain code vulnerabilities that are susceptible to server-side request forgeing attacks. These...

IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.4 (7267351)

The version of IBM WebSphere Application Server Liberty running on the remote host is affected by a vulnerability as referenced in the 7267351 advisory. - Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3, 4.3.7, and 5.1.5, Prototype Pollution is possible in...

IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.4 (7267347)

The version of IBM WebSphere Application Server Liberty running on the remote host is affected by a vulnerability as referenced in the 7267347 advisory. - IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side...

IBM WebSphere Application Server Liberty 安全漏洞

IBM WebSphere Application Server Liberty is a Java application server developed by IBM, based on the Open Liberty project. Versions of IBM WebSphere Application Server Liberty 26.0.0.3 and earlier contain security vulnerabilities, which stem from insufficient security provided during the manageme...

IBM WebSphere Application Server Liberty 17.0.0.3 < 26.0.0.4 (7267362)

The version of IBM WebSphere Application Server Liberty running on the remote host is affected by a vulnerability as referenced in the 7267362 advisory. - IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expect...

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in IBM WebSphere Application Server Liberty (CVE-2025-12635)

Summary A vulnerability in IBM WebSphere Application Server Liberty that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through...

Security Bulletin: IBM WebSphere Application Server Liberty is affected by a prototype pollution vulnerability due to immutable (CVE-2026-29063)

Summary There is a vulnerability in the immutable library which affects IBM WebSphere Application Server Liberty with the openapi-3.0, openapi-3.1, mpOpenAPI-1.0, mpOpenAPI-1.1, mpOpenAPI-2.0, mpOpenAPI-3.0 mpOpenAPI-3.1, mpOpenAPI-4.0 or mpOpenAPI-4.1 feature enabled. Vulnerability Details...

Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty and Expat that are shipped with IBM CICS TX Standard.

Summary Security vulnerabilities may affect IBM WebSphere Liberty and Expat that are shipped with IBM CICS TX Standard CVE-2025-14914, CVE-2022-23990, CVE-2024-28757, CVE-2025-59375 and CVE-2025-12635. IBM WebSphere Liberty and Expat have been updated within IBM CICS TX Standard to address these...

PT-2026-27496

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery SSRF. This may allow remote attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating...

PT-2026-27494

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server Liberty affected versions not specified Description IBM WebSphere Application Server Liberty is susceptible to a privilege escalation issue. The issue allows an attacker to gain elevated privileges within the...

PT-2026-27495

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.3 Description IBM WebSphere Application Server Liberty may exhibit weaker than expected security when administering security settings. Recommendations Update to a versio...

Security Bulletin: IBM WebSphere Application Server Liberty could provide weaker than expected security (CVE-2025-14923)

Summary IBM WebSphere Application Server could provide weaker than expected security when using the Security Utility to encode a secret. Vulnerability Details CVEID:CVE-2025-14923 DESCRIPTION: IBM WebSphere Application Server Liberty could provide weaker than expected security when using the...

Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced (CVE-2025-12635 and CVE-2025-14914).

Summary Security vulnerabilities may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced CVE-2025-12635 and CVE-2025-14914. IBM WebSphere Liberty has been updated within IBM CICS TX Advanced to address these vulnerabilities. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTIO...

Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms (CVE-2025-12635 and CVE-2025-14914).

Summary Security vulnerabilities may affect IBM WebSphere Liberty that is shipped with TXSeries for Multiplatforms CVE-2025-12635 and CVE-2025-14914. IBM WebSphere Liberty has been updated within TXSeries for Multiplatforms to address these vulnerabilities. Vulnerability Details...

Security Bulletin: due to the use of IBM WebSphere Application Server and WebSphere Application Server Liberty, IBM Watson Explorer is vulnerable to a cross-site scripting vulnerability.

Summary IBM WebSphere Application Server and IBM WebSphere Application Server Liberty is used by IBM Watson Explorer. IBM Watson Explorer has addressed the applicable CVE CVE-2025-12635 Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM...

Security Bulletin: IBM WebSphere Application Server Liberty shipped with IBM OpenPages is vulnerable to multiple vulnerabilities

Summary IBM WebSphere Application Server Liberty is shipped as a supporting program of IBM OpenPages. Information about multiple vulnerabilities affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. These products have addressed the applicable CVEs. For a...

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by cross-site scripting due to WebSphere Application Server Liberty

Summary WebSphere Application Server Liberty is used by IBM Operations Analytics - Log Analysis as part of managing the lifecycle of Java servlets and client. CVE-2025-12635. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere...