34922 matches found

IBM Security Bulletins
added 2026/03/12 6:9 a.m. | 3 views

Security Bulletin: IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager is vulnerable to a denial of service

Summary A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager CVE-2024-29371 Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before 0.9.6, an attacker can cause a Denial-of-Service DoS...

CVSS 7.5 | AI score 5.7 | EPSS 0.00021
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/12 12:30 a.m. | 4 views

Security Bulletin: Consul vulnerable to arbitrary file reads through the vault kubernetes authentication provider

Summary HashiCorp Consul and Consul Enterprise 1.18.20 up to 1.21.10 and 1.22.4 are vulnerable to arbitrary file read when configured with Kubernetes authentication. This vulnerability, CVE-2026-2808, is fixed in Consul 1.18.21, 1.21.11 and 1.22.5. Vulnerability Details CVEID:CVE-2026-2808...

CVSS 6.8 | AI score 5.8 | EPSS 0.00034
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/11 10:24 p.m. | 4 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to Cryptographic Weakness in IBM Liberty Server ( CVE-2020-36732)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the cryptographic weakness vulnerability Vulnerability Details CVEID:CVE-2020-36732 DESCRIPTION: The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an intege...

CVSS 5.3 | AI score 5.8 | EPSS 0.00876
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/11 10:20 p.m. | 7 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to information disclosure (CVE-2025-14483)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed information disclosure security vulnerability Vulnerability Details CVEID:CVE-2025-14483 DESCRIPTION: IBM Sterling B2B Integrator and IBM Sterling File Gateway could disclose sensitive host information to authenticat...

CVSS 6.5 | AI score 5.7 | EPSS 0.00041
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/11 10:18 p.m. | 5 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to XSS vulnerability EBICS server (CVE-2025-14504)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed XSS vulnerability Vulnerability Details CVEID:CVE-2025-14504 DESCRIPTION: IBM Sterling B2B Integrator and IBM Sterling File Gateway is vulnerable to cross-site scripting. This vulnerability allows an authenticated us...

CVSS 5.4 | AI score 5.5 | EPSS 0.00012
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/11 8:59 p.m. | 11 views

Security Bulletin: Due to the use of jetty IBM webMethods BPM is vulnerable to multiple vulnerabilities

Summary IBM webMethods BPM is dependant on jetty which is affected by known vulnerabilities CVE-2020-27223, CVE-2021-28169, CVE-2022-2047, CVE-2023-26049, CVE-2023-36478, CVE-2023-40167 Vulnerability Details CVEID:CVE-2020-27223 DESCRIPTION: In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114...

CVSS 7.5 | AI score 6 | EPSS 0.9026
Exploits: 4 | Affected Software: 1

IBM Security Bulletins
added 2026/03/11 8:41 p.m. | 8 views

Security Bulletin: IBM Guardium Data Protection is affected by MySQL Server July 2025 CPU vulnerabilities.

Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2024-37891 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only se...

CVSS 6.5 | AI score 6.8 | EPSS 0.00442
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/11 8:38 p.m. | 10 views

Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities

Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2025-55163 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. Prior to versions 4.1.124.Final and 4.2.4.Final, Netty is vulnerable to MadeYouReset...

CVSS 8.8 | AI score 7.7 | EPSS 0.00673
Exploits: 5 | Affected Software: 1

IBM Security Bulletins
added 2026/03/11 7:5 p.m. | 7 views

Security Bulletin: Multiple Security vulnerabilities affecting IBM Knowledge Catalog Premium Cartridge

Summary Multiple security vulnerabilities impacting IBM Knowledge Catalog Premium Cartridge. These vulnerabilities had been addressed and customers should update to the recommended version of the product at the earliest opportunity. Vulnerability Details CVEID:CVE-2024-38816 DESCRIPTION:...

CVSS 9.8 | AI score 6.7 | EPSS 0.9389
Exploits: 13 | Affected Software: 1

IBM Security Bulletins
added 2026/03/11 6:45 p.m. | 3 views

Security Bulletin: Multiple Vulnerabilities in IBM Workload Scheduler component of IBM Workload Automation

Summary Multiple vulnerabilities were addressed in IBM Workload Scheduler component of IBM Workload Automation 10.2.5 Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause no confidentiali...

CVSS 3.7 | AI score 6.7 | EPSS 0.00417
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/11 6:44 p.m. | 4 views

Security Bulletin: Multiple Vulnerabilities in IBM Workload Scheduler component of IBM Workload Automation

Summary Multiple vulnerabilities were addressed in IBM Workload Scheduler component of IBM Workload Automation 10.1.0.5 and 10.2.3 Vulnerability Details CVEID:CVE-2023-32342 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel...

CVSS 7.5 | AI score 7.2 | EPSS 0.00058
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/11 6:41 p.m. | 6 views

Security Bulletin: Multiple Vulnerabilities in IBM Workload Scheduler Container component of IBM Workload Automation Container

Summary Multiple vulnerabilities were addressed in IBM Workload Scheduler Container component of IBM Workload Automation Container 10.1.0.6 and 10.2.5 Vulnerability Details CVEID:CVE-2023-6597 DESCRIPTION: An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions...

CVSS 7.8 | AI score 6.8 | EPSS 0.00153
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/11 5:12 p.m. | 4 views

Security Bulletin: Multiple vulnerabilities in IBM Watsonx BI Assistant for CP4D

Summary Multiple vulnerabilities were addressed in IBM Watsonx BI Assistant for CP4D version 5.3.0 Vulnerability Details CVEID:CVE-2025-65945 DESCRIPTION: auth0/node-jws is a JSON Web Signature implementation for Node.js. In versions 3.2.2 and earlier and version 4.0.0, auth0/node-jws has an...

CVSS 8.7 | AI score 5.2 | EPSS 0.00101
Exploits: 2 | Affected Software: 1

IBM Security Bulletins
added 2026/03/11 3:47 p.m. | 6 views

Security Bulletin: Vulnerability has been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2024-29371)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about a denial of service vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

CVSS 7.5 | AI score 5.7 | EPSS 0.00021
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/11 3:38 p.m. | 9 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes Ingress Controller security vulnerability (CVE-2026-3288)

Summary IBM Cloud Kubernetes Service is affected by Kubernetes Ingress Controller security vulnerability CVE-2026-3288. A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/rewrite-target Ingress annotation can be used to inject configuration into nginx. This can...

CVSS 8.8 | AI score 6.3 | EPSS 0.00049
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 8:52 p.m. | 21 views

Security Bulletin: Vulnerabilities in MongoDB, Python, Node.js, Golang Go, Linux kernel affect IBM Spectrum Protect Plus

Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in MongoDB, Python, Node.js, Golang Go and Linux. Vulnerabilities include obtaining sensitive information, causing a denial of service condition, the elevation of privileges, query parameter smuggling, remote execution of...

CVSS 8.7 | AI score 7.8 | EPSS 0.05933
Exploits: 3 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 5:51 p.m. | 5 views

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Automation Workflow (CVE-2024-29371)

Summary WebSphere Application Server traditional is shipped as a component of IBM Business Automation Workflow traditional. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to...

CVSS 7.5 | AI score 5.8 | EPSS 0.00021
Exploits: 1 | Affected Software: 2

IBM Security Bulletins
added 2026/03/10 3:29 p.m. | 8 views

Security Bulletin: Multiple vulnerabilities in IBM Aspera Orchestrator

Summary Multiple vulnerabilities were addressed in IBM Aspera Orchestrator 4.1.3 Vulnerability Details CVEID:CVE-2025-13213 DESCRIPTION: IBM Aspera Orchestrator is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to...

CVSS 7.5 | AI score 5.8 | EPSS 0.00035
Exploits: 0 | Affected Software: 5

IBM Security Bulletins
added 2026/03/10 2:43 p.m. | 6 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2025-13465)

Summary IBM Security SOAR uses an older version of the Lodash component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.0 Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash...

CVSS 7.9 | AI score 5.7 | EPSS 0.00028
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 12:40 p.m. | 13 views

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 1.0.314 Vulnerability Details CVEID:CVE-2025-61727 DESCRIPTION: An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the...

CVSS 10 | AI score 6.7 | EPSS 0.02889
Exploits: 8 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 10:37 a.m. | 4 views

Security Bulletin: IBM Trusteer Rapport installer affected by uncontrolled search path element vulnerability

Summary IBM Trusteer Rapport installer is affected by an uncontrolled search path element vulnerability that could allow a local attacker to execute arbitrary code. Vulnerability Details CVEID:CVE-2026-2713 DESCRIPTION: IBM Trusteer Rapport could allow a local attacker to execute arbitrary code o...

CVSS 7.8 | AI score 6.1 | EPSS 0.00011
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 10:23 a.m. | 3 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in IBM Semeru Runtime

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-50059, CVE-2025-50106, CVE-2025-30749, CVE-2025-30761, CVE-2025-30754 of IBM Semeru Runtime Quarterly CPU - Jul 2025 . Vulnerability Details CVEID:CVE-2025-50059 DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle...

CVSS 8.6 | AI score 5.9 | EPSS 0.02123
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 10:20 a.m. | 4 views

Security Bulletin: IBM MQ is affected by an authority vulnerability (CVE-2026-1713)

Summary IBM MQ has addressed an authority vulnerability Vulnerability Details CVEID:CVE-2026-1713 DESCRIPTION: IBM MQ is affected by an authority vulnerability allowing users access to SYSTEM.AUTH.DATA.QUEUE. CWE:CWE-305: Authentication Bypass by Primary Weakness CVSS Source: IBM CVSS Base score...

CVSS 5.5 | AI score 5.8 | EPSS 0.00005
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 10:18 a.m. | 6 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in http2-common (CVE-2025-5115)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-5115 of http2-common-11.0.24.jar. Vulnerability Details CVEID:CVE-2025-5115 DESCRIPTION: In Eclipse Jetty, versions <=9.4.57, <=10.0.25, <=11.0.25, <=12.0.21, <=12.1.0.alpha2, an HTTP/2 client may trigger the server to send...

CVSS 7.7 | AI score 5.8 | EPSS 0.00529
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 10:16 a.m. | 3 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in spring-core (CVE-2025-41249)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-41249 of spring-core-6.2.6.jar. Vulnerability Details CVEID:CVE-2025-41249 DESCRIPTION: The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a...

CVSS 7.5 | AI score 5.7 | EPSS 0.00112
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 10:14 a.m. | 8 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in spring-security-core (CVE-2025-41248)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-41248 of spring-security-core-6.4.5.jar. Vulnerability Details CVEID:CVE-2025-41248 DESCRIPTION: The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies...

CVSS 7.5 | AI score 5.7 | EPSS 0.0009
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 10:10 a.m. | 6 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in IBM Semeru Runtime (CVE-2025-53057, CVE-2025-53066)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-53057, CVE-2025-53066 of IBM Semeru Runtime Quarterly CPU - Oct 2025 Vulnerability Details CVEID:CVE-2025-53057 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote...

CVSS 7.5 | AI score 5.8 | EPSS 0.00068
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 10:10 a.m. | 5 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in IBM SDK, Java Technology (CVE-2025-53066, CVE-2025-53057)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-53066, CVE-2025-53057 of IBM SDK, Java Technology Edition Quarterly CPU - Oct 2025 Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow ...

CVSS 7.5 | AI score 5.8 | EPSS 0.00068
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 8:18 a.m. | 6 views

Security Bulletin: IBM Maximo Application Suite uses os/exec 1.24.3; 1.24.4, ansible-9.4.0, github.com/eclipse/paho.mqtt.golang v1.3.5 and archive/tar 1.24.2; 1.24.4 which is vulnerable to CVE-2025-47906,CVE-2025-14010,CVE-2025-10543 and CVE-2025-58183

Summary IBM Maximo Application Suite uses os/exec 1.24.3; 1.24.4, ansible-9.4.0, github.com/eclipse/paho.mqtt.golang v1.3.5 and archive/tar 1.24.2; 1.24.4 which is vulnerable to CVE-2025-47906,CVE-2025-14010,CVE-2025-10543 and CVE-2025-58183. This bulletin contains information regarding the...

CVSS 6.5 | AI score 5.8 | EPSS 0.00044
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 7:58 a.m. | 5 views

Security Bulletin: IBM Streamsets Cartridge shipped with publicly disclosed vulnerability version of containerd

Summary IBM Streamsets Cartridge shipped with publicly disclosed vulnerability version of containerd github.com/containerd/containerd v1.7.28 CVE-2024-25621 Vulnerability Details CVEID:CVE-2024-25621 DESCRIPTION: containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28,...

CVSS 7.8 | AI score 5.8 | EPSS 0.00005
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 7:52 a.m. | 15 views

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 1.0.311 Vulnerability Details CVEID:CVE-2025-61725 DESCRIPTION: The ParseAddress function constructs domain-literal address components through repeated string concatenatio...

CVSS 7.8 | AI score 6.2 | EPSS 0.00102
Exploits: 2 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 7:7 a.m. | 13 views

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate with watsonx Assistant Cartridge version 5.3.1 Vulnerability Details CVEID:CVE-2025-58183 DESCRIPTION: tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A...

CVSS 7.5 | AI score 5.7 | EPSS 0.00306
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 5:13 a.m. | 4 views

Security Bulletin: A security vulnerability in spring-expression-5.3.31.jar affects IBM DevOps Code ClearCase [CVE-2024-38808]

Summary A security vulnerability in spring-expression-5.3.31.jar affects IBM DevOps Code ClearCase CVE-2024-38808 Vulnerability Details CVEID:CVE-2024-38808 DESCRIPTION: In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially...

CVSS 4.3 | AI score 5.8 | EPSS 0.00809
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 5:13 a.m. | 4 views

Security Bulletin: A security vulnerability in logback-classic-1.3.14.jar affects IBM DevOps Code ClearCase [CVE-2024-12798]

Summary A security vulnerability in logback-classic-1.3.14.jar affects IBM DevOps Code ClearCase CVE-2024-12798 Vulnerability Details CVEID:CVE-2024-12798 DESCRIPTION: ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core upto including version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 in Java...

CVSS 5.9 | AI score 6.1 | EPSS 0.00169
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/10 5:12 a.m. | 7 views

Security Bulletin: Multiple vulnerabilities in logback-core-1.3.14.jar affects IBM DevOps Code ClearCase [CVE-2024-12798, CVE-2024-12801, CVE-2025-11226,CVE-2026-1225]

Summary Multiple vulnerabilities in logback-core-1.3.14.jar affects IBM DevOps Code ClearCase CVE-2024-12798, CVE-2024-12801, CVE-2025-11226,CVE-2026-1225 Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability in configuration file processing by QOS.CH logback-core up to and...

CVSS 5.9 | AI score 6.1 | EPSS 0.00169
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/09 9:3 p.m. | 9 views

Security Bulletin: Multiple vulnerabilities impact AIX/VIOS due to OpenSSL

Summary Vulnerabilities in OpenSSL could allow an attacker to potentially execute arbitrary code CVE-2025-15467 or cause a denial of service CVE-2025-68160, CVE-2025-69418, CVE-2025-69419, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796. OpenSSL is used by AIX as part of AIX's secu...

CVSS 8.8 | AI score 6.6 | EPSS 0.02889
Exploits: 7 | Affected Software: 2

IBM Security Bulletins
added 2026/03/09 9:2 p.m. | 7 views

Security Bulletin: Multiple Vulnerabilities in IBM StreamSets Data Collector

Summary Multiple vulnerabilities were addressed in IBM StreamSets Data Collector version 7.2.0 Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, eve...

CVSS 7.3 | AI score 6 | EPSS 0.00062
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/09 5:37 p.m. | 6 views

Security Bulletin: IBM Verify Identity Governance (IVIG/ISVG) has multiple vulnerabilities

Summary Multiple security vulnerabilities in the dependent components have been addressed in the latest updates to IBM Security Verify Governance and its re-branded version, IBM Verify Identity Governance Vulnerability Details CVEID:CVE-2025-36097 DESCRIPTION: IBM WebSphere Application Server 9.0...

CVSS 7.8 | AI score 7 | EPSS 0.0027
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/09 5:19 p.m. | 9 views

Security Bulletin: Multiple vulnerabilities addressed in Cloudera Base on premises Cloudera Runtime 7.3.1.700 SP3 CHF 2

Summary Security Bulletin: Multiple vulnerabilities addressed in Cloudera Base on premises Cloudera Runtime 7.3.1.700 SP3 CHF 2 Vulnerability Details CVEID:CVE-2024-22415 DESCRIPTION: jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters +...

CVSS 9.8 | AI score 7 | EPSS 0.03974
Exploits: 3 | Affected Software: 1

IBM Security Bulletins
added 2026/03/09 5:14 p.m. | 4 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-24001)

Summary IBM Security SOAR uses an older version of the jsdiff component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.0 Vulnerability Details CVEID:CVE-2026-24001 DESCRIPTION: jsdiff ...

CVSS 7.5 | AI score 5.7 | EPSS 0.00023
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/09 5:7 p.m. | 5 views

Security Bulletin: Multiple vulnerabilities addressed in Cloudera Base on premises Cloudera Runtime 7.3.1.700 SP3 CHF 2

Summary Security Bulletin: Multiple vulnerabilities addressed in Cloudera Base on premises Cloudera Runtime 7.3.1.700 SP3 CHF 2 Vulnerability Details CVEID:CVE-2025-27221 DESCRIPTION: In the URI gem before 1.0.3 for Ruby, the URI handling methods URI.join, URImerge, URI+ have an inadvertent leaka...

CVSS 7.5 | AI score 7.2 | EPSS 0.8042
Exploits: 6 | Affected Software: 1

IBM Security Bulletins
added 2026/03/09 5:7 p.m. | 6 views

Security Bulletin: Common vulnerabilities addressed in Cloudera Observability 3.6.2

Summary Security Bulletin: Common vulnerabilities addressed in Cloudera Observability 3.6.2 Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause a denial of service via a deeply nested...

CVSS 6.5 | AI score 7.2 | EPSS 0.00521
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/09 3:28 p.m. | 4 views

Security Bulletin: IBM Maximo Asset Configuration Manager uses log4j-core-2.17.1 which is vulnerable to CVE-2025-68161

Summary IBM Maximo Asset Configuration Manager uses log4j-core-2.17.1 which is vulnerable to CVE-2025-68161. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions...

CVSS 6.3 | AI score 6.3 | EPSS 0.00029
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2026/03/09 3:22 p.m. | 4 views

Security Bulletin: Security Vulnerabilities affect IBM Voice Gateway

Summary Security Vulnerabilities affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by cross-site...

CVSS 7.5 | AI score 6.1 | EPSS 0.00089
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/09 3:16 p.m. | 5 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a vulnerability that could provide weaker than expected security (CVE-2025-14923)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a vulnerability that could provide weaker than expected security when using the Security Utility to administer security settings. Vulnerability Details Refer to the security...

CVSS 9.8 | AI score 5.8 | EPSS 0.00035
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/09 3:14 p.m. | 3 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by a vulnerability that could provide weaker than expected security (CVE-2025-14923)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by a vulnerability that could provide weaker than expected security when using the Security Utility to administer security settings. Vulnerability Details Refer to the security...

CVSS 9.8 | AI score 5.8 | EPSS 0.00035
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/09 3:13 p.m. | 7 views

Security Bulletin: IBM WebSphere Application Server could provide weaker than expected security (CVE-2025-13333)

Summary IBM WebSphere Application Server could provide weaker than expected security. Vulnerability Details CVEID:CVE-2025-13333 DESCRIPTION: IBM WebSphere Application Server could provide weaker than expected security during system administration of security settings. CWE:CWE-358: Improperly...

CVSS 4.9 | AI score 5.8 | EPSS 0.00014
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/09 3:12 p.m. | 4 views

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-1188)

Summary IBM Security SOAR uses an older version of the OMR component in OpenJ9 JVM that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.0 Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTIO...

CVSS 9.8 | AI score 6 | EPSS 0.00025
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/09 3:12 p.m. | 3 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a vulnerability that could provide weaker than expected security (CVE-2025-14923)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a vulnerability that could provide weaker than expected security when using the Security Utility to administer security settings. Vulnerability Details Refer to the security...

CVSS 9.8 | AI score 5.8 | EPSS 0.00035
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/03/09 2:42 p.m. | 5 views

Security Bulletin: Due to the use of JetBrains Kotlin, IBM webMethods BPM is vulnerable to the use of Java API for temporary file and folder creation

Summary IBM webMethods BPM uses JetBrains Kotlin which is vulnerable to the use of Java API for temporary file and folder creation. Vulnerability Details CVEID:CVE-2020-29582 DESCRIPTION: In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An...

CVSS 5.3 | AI score 5.8 | EPSS 0.00004
Exploits: 0 | Affected Software: 1

Total number of security vulnerabilities: 34922