Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
IbmRecent
RecentMost viewed

34926 matches found

IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 4:52 p.m.5 views

Security Bulletin: IBM MQ Appliance uses weaker than expected cryptographic algorithms (CVE-2025-14456)

Summary IBM MQ Appliance has addressed use of weaker than expected cryptographic algorithms. Vulnerability Details CVEID:CVE-2025-14456 DESCRIPTION: IBM MQ Appliance uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CWE:CWE-32...

5.9CVSS5.5AI score0.0001EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 4:45 p.m.12 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to multiple vulnerabilities due to IBM Java SDK (CVE-2026-21945,CVE-2026-21932,CVE-2026-21933 & CVE-2026-21925))

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to multiple vulnerabilities due to IBM Java SDK. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows...

7.5CVSS5.8AI score0.00089EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 12:54 p.m.8 views

Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary Multiple components with known vulnerabilities were addressed in IBM QRadar SIEM 7.5.0 UP14 IF05 Vulnerability Details CVEID:CVE-2025-68615 DESCRIPTION: net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-sn...

9.8CVSS5.9AI score0.00594EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 12:31 p.m.5 views

Security Bulletin: IBM DevOps Plan is vulnerable to Excessive Authentication Attempts ( CVE-2025-36363)

Summary IBM DevOps Plan is vulnerable to brute force attack due to improper restriction of excessive authentication attempts. Vulnerability Details CVEID:CVE-2025-36363 DESCRIPTION: IBM DevOps Plan uses an inadequate account lockout setting that could allow a remote attacker to brute force accoun...

7.5CVSS5.5AI score0.00058EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 12:22 p.m.5 views

Security Bulletin: IBM DevOps Plan REST APIs are vulnerable to exposure of sensitive data through request query parameters. (CVE-2025-36364)

Summary A vulnerability has been identified in IBM DevOps Plan REST APIs where sensitive data is transmitted via request query parameters. Vulnerability Details CVEID:CVE-2025-36364 DESCRIPTION: IBM DevOps Plan allows web page cache to be stored locally which can be read by another user on the...

6.2CVSS5.3AI score0.00016EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 12:14 p.m.7 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by a denial of service due to jose4j (CVE-2024-29371)

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by a denial of service due to jose4j. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|-...

7.5CVSS5.4AI score0.00021EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 12:13 p.m.6 views

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server used by IBM Rational ClearQuest (CVE-2024-29371)

Summary IBM WebSphere Application Server is used by the IBM Rational ClearQuest server. Information about security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...

7.5CVSS5.4AI score0.00021EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 11:10 a.m.6 views

Security Bulletin: A vulnerability in Java affects IBM License Metric Tool v9 (CVE-2026-1188).

Summary A vulnerability in Java component used by IBM License Metric Tool have been remediated. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names of all supported processor features was...

9.8CVSS6AI score0.00025EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 10:4 a.m.10 views

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate with watsonx Assistant Cartridge version 5.3.1 Vulnerability Details CVEID:CVE-2025-11965 DESCRIPTION: In Eclipse Vert.x versions 4.0.0, 4.5.21 and 5.0.0, 5.0.4, a StaticHandler configuration for restricting access to hidd...

8.6CVSS6AI score0.05933EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 9:40 a.m.7 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for February 2026

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 2.1.0 IF002 Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability in configuration file processing by QOS.CH logback-core up to a...

8.7CVSS6.6AI score0.0007EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 4:30 a.m.8 views

Security Bulletin: IBM Security Verify Governance has multiple vulnerabilities

Summary Multiple security vulnerabilities in the dependent components have been addressed in the latest update to IBM Security Verify Governance. Vulnerability Details CVEID:CVE-2025-39697 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a race when updati...

9.1CVSS7AI score0.1902EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 3:23 a.m.8 views

Security Bulletin: Multiple Vulnerabilities in IBM Tivoli Netcool/OMNIbus_GUI (CVE-2019-17570, CVE-2025-64775)

Summary Multiple vulnerabilities were addressed in IBM Tivoli Netcool/OMNIbusGUI 8.1.0 Fix Pack 40. Vulnerability Details CVEID:CVE-2025-64775 DESCRIPTION: Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache...

9.8CVSS6.2AI score0.70524EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 3:4 a.m.9 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

Summary Multiple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest release and fixpack Vulnerability Details CVEID:CVE-2025-64756 DESCRIPTION: Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the...

9.8CVSS6.7AI score0.00107EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 1:5 a.m.10 views

Security Bulletin: Investigation Assistant App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. Investigation Assistant App for IBM QRadar SIEM has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2025-66221 DESCRIPTION: Werkzeu...

8.7CVSS6.1AI score0.0007EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/26 12:36 a.m.11 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows

Summary There are multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows. All platforms are affected, and all previous versions may also be affected. Vulnerability Details CVEID:CVE-2024-3933 DESCRIPTION: In Eclipse OpenJ9 release versions prior to 0.44...

9.8CVSS7.6AI score0.00435EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 9:44 p.m.4 views

Security Bulletin: IBM FoundationDB Operator Vulnerable to kube-apiserver vulnerability (CVE-2022-3172)

Summary IBM FoundationDB Operator addressed kube-apiserver vulnerability. Vulnerability Details CVEID:CVE-2022-3172 DESCRIPTION: A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing...

8.2CVSS5.4AI score0.03414EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 9:31 p.m.7 views

Security Bulletin: Go Vulnerabilities affect IBM IBM Database Operator for FoundationDB (CVE-2022-27191, CVE-2021-43565)

Summary The issue has been fixed as part of Cloud Pak for Data release 4.6 Vulnerability Details CVEID:CVE-2022-27191 DESCRIPTION: Go ssh package is vulnerable to a denial of service, caused by an unspecified flaw in certain circumstances involving AddHostKey. By sending a specially-crafted...

7.5CVSS8.6AI score0.00089EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 7:18 p.m.5 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a denial of service due to jose4j (CVE-2024-29371)

Summary There is a vulnerability in the jose4j library used by IBM WebSphere Application Server traditional and WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before 0.9.6, an attacker can cause a Denial-of-Service DoS condition by crafting...

7.5CVSS5.5AI score0.00021EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 7:11 p.m.7 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Use of Insufficiently Random Values vulnerability (CVE-2025-7783)

Summary There is 1 vulnerability in form-data-2.3.3.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-7783. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of Insufficiently Random Values vulnerability in form-data allows HTTP...

9.4CVSS5.4AI score0.01319EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 6:44 p.m.7 views

Security Bulletin: FDB

Summary The library is included as part of the GO installed and not directly affect the product in any means. The go version has been updated since then and has been fixed. This only affect pre-CPD 4.5 Vulnerability Details CVEID:CVE-2022-21698 DESCRIPTION: Prometheus Go client library clientgola...

7.5CVSS5.6AI score0.00376EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 5:25 p.m.6 views

Security Bulletin: Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Advanced

Summary Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Advanced. An update to IBM CICS TX Advanced has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an AP...

9.8CVSS6.2AI score0.00089EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 5:19 p.m.7 views

Security Bulletin: Security vulnerabilities may affect IBM Java shipped with TXSeries for Multiplatforms.

Summary Security vulnerabilities may affect IBM Java shipped with TXSeries for Multiplatforms. An update to TXSeries for Multiplatforms has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused ...

9.8CVSS6.2AI score0.00089EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 5:18 p.m.12 views

Security Bulletin: TSSC/IMC addresses multiple security vulnerabilities.

Summary TSSC/IMC addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2025-14523 DESCRIPTION: A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common...

9.8CVSS6.2AI score0.00594EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 5:12 p.m.5 views

Security Bulletin: Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Standard

Summary Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Standard. An update to IBM CICS TX Standard has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily...

9.8CVSS6.2AI score0.00089EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 5:4 p.m.9 views

Security Bulletin: IBM Sterling Transformation Extender is affected by MongoBleed security vulnerability

Summary IBM Sterling Transformation Extender uses MongoDB and is affected by MongoBleed security vulnerability CVE-2025-14847. Vulnerability Details CVEID:CVE-2025-14847 DESCRIPTION: Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an...

8.7CVSS5.7AI score0.56927EPSS
Exploits38Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 4:33 p.m.5 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to sensitive information leak due to HTTP response (CVE-2025-13616)

Summary DataStage on Cloud Pak for Data is vulnerable to sensitive information leak due to HTTP response Vulnerability Details CVEID:CVE-2025-13616 DESCRIPTION: IBM DataStage on Cloud Pak for Data returns sensitive information in an HTTP response that could be used in further attacks against the...

7.5CVSS5.4AI score0.00043EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 4:32 p.m.8 views

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Node.js and LangChain

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Node.js and LangChain. CVE-2025-65945, CVE-2025-68664, CVE-2025-12758 The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-65945 DESCRIPTION:...

9.3CVSS5.9AI score0.02624EPSS
Exploits7Affected Software2
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 4:28 p.m.14 views

Security Bulletin: Multiple vulnerabilities in DataStage on Cloud Pak for Data

Summary DataStage on Cloud Pak for Data is vulnerable to multiple software vulnerabilities due to open source packages. Vulnerability Details CVEID:CVE-2025-61724 DESCRIPTION: The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the...

8.6CVSS7AI score0.00137EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 4:10 p.m.6 views

Security Bulletin: SPSS Collaboration and Deployment Services is affected by vulnerabilities in body-parser (CVE-2025-13466) and qs (CVE-2025-15284, CVE-2026-2391)

Summary SPSS Collaboration and Deployment Services is affected by vulnerabilities in body-parser CVE-2025-13466 and qs CVE-2025-15284, CVE-2026-2391. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability...

7.5CVSS5.7AI score0.0005EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 3:8 p.m.4 views

Security Bulletin: A vulnerability in WebSphere Application Server Liberty affects IBM License Metric Tool

Summary There is a vulnerability in the WebSphere Application Server Liberty used by IBM License Metric Tool. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by...

5.4CVSS5.2AI score0.00019EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 9:46 a.m.9 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationRuntime and IntegrationServer operands are vulnerable to denial of service (CVE-2026-0621)

Summary Node.js module @modelcontextprotocol/sdk is found in IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container IntegrationRuntime and IntegrationServer operands are vulnerable to denial of service. This bulletin provides patch information to address th...

8.7CVSS4.8AI score0.00037EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 8:51 a.m.8 views

Security Bulletin: Vulnerability in libxml2 affects IBM Cloud Pak System[CVE-2025-6021]

Summary A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. Vulnerability was addressed in IBM Cloud Pak System version 2.3.6.1. Vulnerability Details CVEID:CVE-2025-6021 DESCRIPTION: A flaw was found...

7.5CVSS6AI score0.02116EPSS
Exploits1Affected Software4
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 4:42 a.m.9 views

Security Bulletin: IBM Automation Decision Services for Jan 2026- Multiple CVEs addressed

Summary IBM Automation Decision Services is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-7783...

9.4CVSS6.5AI score0.01319EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/25 4:9 a.m.7 views

Security Bulletin: The IBM SPSS Collaboration and Deployment Services impacted by multiple vulnerabilities disclosed in IBM Semeru Runtime

Summary The IBM SPSS Collaboration and Deployment Services impacted by multiple vulnerabilities disclosed in IBM Semeru Runtime CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925, CVE-2026-1188. These vulnerabilities are addressed. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTIO...

9.8CVSS6.2AI score0.00089EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 10:29 p.m.5 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Inefficient Regular Expression Complexity (CVE-2025-27789)

Summary There are vulnerabilities in helpers-7.21.5.tgz, helpers-7.22.6.tgz, helpers-7.25.0.tgz, runtime-7.21.0.tgz, runtime-7.22.10.tgz, runtime-7.23.2.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-27789. The vulnerabilities have been addressed. Vulnerability Details...

6.2CVSS5.4AI score0.0006EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 10:29 p.m.6 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Allocation of Resources Without Limits or Throttling vulnerability (CVE-2025-8885)

Summary There is a vulnerability in bc-fips-1.0.2.5.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-8885. The vulnerability has/vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-8885 DESCRIPTION: Allocation of Resources Without Limits or Throttling...

6.3CVSS5.5AI score0.00121EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 9:9 p.m.6 views

Security Bulletin: Improper neutralization of null bytes may lead to buffer over-reads in MongoDB Server affecting MongoDB Enterprised Advanced (CVE-2024-10921)

Summary There is a vulnerability in MongoDB Server used in MongoDB Enterprised Advanced for IBM, involving improper neutralization of null bytes may lead to buffer over-reads in MongoDB Server. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2024-10921 DESCRIPTION: An...

8.1CVSS5.7AI score0.00758EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:20 p.m.8 views

Security Bulletin: Vulnerabilities in body-parser-2.2.0.tgz affecting MongoDB Enterprised Advanced (CVE-2025-13466)

Summary There is a vulnerability in body-parser-2.2.0.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-13466. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-13466 DESCRIPTION: body-parser 2.2.0 is vulnerable to denial of service due to inefficient...

6.9CVSS5.5AI score0.00035EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:19 p.m.6 views

Security Bulletin: Vulnerabilities in ai-5.0.26.tgz affecting MongoDB Enterprised Advanced (CVE-2025-48985)

Summary There is a vulnerability in ai-5.0.26.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-48985. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-48985 DESCRIPTION: A vulnerability in Vercel’s AI SDK has been fixed in versions 5.0.52, 5.1.0-beta....

5.3CVSS5.5AI score0.00083EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:17 p.m.6 views

Security Bulletin: Vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar affecting MongoDB Enterprised Advanced (CVE-2025-58056, CVE-2025-58057, CVE-2025-67735)

Summary There are vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-58056, CVE-2025-58057, CVE-2025-67735. The vulnerabilities have been addressed. Vulnerabilit...

7.5CVSS5.4AI score0.00097EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:15 p.m.5 views

Security Bulletin: Vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar affecting MongoDB Enterprised Advanced (CVE-2025-58057)

Summary There are vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-58057. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-58057...

7.5CVSS5.4AI score0.00063EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:14 p.m.7 views

Security Bulletin: Vulnerabilities in logback-core-1.5.16.jar, logback-core-1.5.19.jar, logback-core-1.5.22.jar affecting MongoDB Enterprised Advanced (CVE-2026-1225)

Summary There are vulnerabilities in logback-core-1.5.16.jar, logback-core-1.5.19.jar, logback-core-1.5.22.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-1225. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability i...

1.8CVSS5.5AI score0.00014EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:13 p.m.7 views

Security Bulletin: Vulnerabilities in COMPONENT_NAME_HERE affecting MongoDB Enterprised Advanced (CVE-2024-29371)

Summary There is a vulnerability in jose4j-0.9.4.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2024-29371. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before 0.9.6, an attacker can cause a Denial-of-Service DoS conditio...

7.5CVSS5.4AI score0.00021EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:12 p.m.9 views

Security Bulletin: Vulnerabilities in commons-codec-1.11.jar affecting MongoDB Enterprised Advanced (CVE-2020-15250, CVE-2025-48924)

Summary There are 2 vulnerabilities in commons-codec-1.11.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2020-15250, CVE-2025-48924. The vulnerabilities have been addressed. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attack...

5.5CVSS5.6AI score0.00099EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:10 p.m.6 views

Security Bulletin: Vulnerabilities in qs-6.11.0.tgz, qs-6.13.0.tgz affecting MongoDB Enterprised Advanced (CVE-2025-15284)

Summary There are 2 vulnerabilities in qs-6.11.0.tgz, qs-6.13.0.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-15284. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability in qs parse modules...

6.3CVSS5.6AI score0.0004EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:8 p.m.6 views

Security Bulletin: Vulnerabilities in jersey-client-3.1.0.jar affecting MongoDB Enterprised Advanced (CVE-2025-12383)

Summary There is a vulnerability in jersey-client-3.1.0.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-12383. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-12383 DESCRIPTION: In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cau...

9.4CVSS5.5AI score0.00042EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:4 p.m.7 views

Security Bulletin: Vulnerabilities in js-yaml-3.14.1.tgz, js-yaml-4.1.0.tgz affecting MongoDB Enterprised Advanced (CVE-2025-64718)

Summary There are vulnerabilities in js-yaml-3.14.1.tgz, js-yaml-4.1.0.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-64718. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-64718 DESCRIPTION: js-yaml is a JavaScript YAML parser and dumper. In...

5.3CVSS5.5AI score0.00034EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 7:2 p.m.7 views

Security Bulletin: Vulnerabilities in logback-core-1.5.16.jar affecting MongoDB Enterprised Advanced (CVE-2025-11226)

Summary There is a vulnerability in logback-core-1.5.16.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-11226. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-11226 DESCRIPTION: ACE vulnerability in conditional configuration file processing by QOS.C...

5.9CVSS6.1AI score0.00067EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 6:58 p.m.7 views

Security Bulletin: Vulnerabilities in tar-fs-2.1.1.tgz affecting MongoDB Enterprised Advanced (CVE-2025-59343)

Summary There is a vulnerability in tar-fs-2.1.1.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-59343. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-59343 DESCRIPTION: tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.1.1,...

8.7CVSS5.4AI score0.00033EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/02/24 5:26 p.m.6 views

Security Bulletin: IBM Integration Designer is vulnerable to incorrect Calculation of Buffer Size (CVE-2026-1188)

Summary Vulnerability in the IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed CVE-2026-1188. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to...

9.8CVSS5.8AI score0.00025EPSS
Exploits0Affected Software1
Total number of security vulnerabilities34926