Lucene search
K

35598 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 7:0 p.m.5 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in qs (parse modules) (CVE-2025-15284)

Summary A vulnerability in qs parse modules that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option...

6.3CVSS5.8AI score0.0041EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 6:54 p.m.8 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Log4j (CVE-2025-68161)

Summary A vulnerability in Apache Log4j that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificat...

6.3CVSS5.8AI score0.00743EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 6:48 p.m.6 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable due to Insecure Direct Object Reference (CVE-2025-14974)

Summary A vulnerability due to Insecure Direct Object Reference in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-14974 DESCRIPTION: IBM InfoSphere Information Server is vulnerable due to Insecure Direct Object Reference IDOR. CWE:CWE-639: Authorization Bypa...

7.5CVSS5.8AI score0.00327EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 6:37 p.m.5 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in React (CVE-2018-6341)

Summary A vulnerability in React that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2018-6341 DESCRIPTION: React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. That lack...

6.1CVSS5.6AI score0.03426EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 6:27 p.m.4 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable to server-side request forgery (CVE-2025-14912)

Summary A server-side request forgery vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-14912 DESCRIPTION: IBM InfoSphere Information Server is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send...

5.4CVSS5.8AI score0.0022EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 6:23 p.m.4 views

Security Bulletin: IBM Security QRadar Log Management AQL Plugin is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. IBM Security QRadar Log Management AQL Plugin has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of...

9.4CVSS7.1AI score0.01735EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 6:22 p.m.9 views

Security Bulletin: The Network Threat Analytics App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. Network Threat Analytics App for IBM QRadar SIEM has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2023-2454 DESCRIPTION:...

8.8CVSS6.4AI score0.04322EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 6:2 p.m.5 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable due to insufficient session expiration (CVE-2025-14810)

Summary A vulnerability due to insufficient session expiration in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-14810 DESCRIPTION: InfoSphere Information Server does not invalidate a session after privileges have been modified which could allow an...

6.5CVSS5.8AI score0.00242EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 5:50 p.m.5 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable due to disclosure of sensitive information (CVE-2025-14808)

Summary A sensitive information disclosure vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-14808 DESCRIPTION: InfoSphere Information Server could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to...

3.1CVSS5.8AI score0.00225EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 5:22 p.m.5 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable to disclosure of sensitive information (CVE-2025-14790)

Summary A sensitive information disclosure vulnerability in IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-14790 DESCRIPTION: IBM InfoSphere Information Server could allow an attacker to obtain sensitive information due to insufficiently protected credential...

6.5CVSS5.8AI score0.00204EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 5:1 p.m.12 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in IBM WebSphere Application Server Liberty (CVE-2025-12635)

Summary A vulnerability in IBM WebSphere Application Server Liberty that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through...

5.4CVSS5.6AI score0.00139EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 4:45 p.m.3 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site request forgery (CVE-2025-36422)

Summary A cross-site request forgery vulnerability was addressed in IBM InfoSphere Information Server. Vulnerability Details CVEID:CVE-2025-36422 DESCRIPTION: IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and...

4.3CVSS5.7AI score0.00139EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 4:35 p.m.5 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable due to plaintext storage of a password (CVE-2025-36258)

Summary A vulnerability due to plaintext storage of a password was addressed in IBM InfoSphere Information Server. Vulnerability Details CVEID:CVE-2025-36258 DESCRIPTION: IBM InfoSphere Information Server product stores user credentials and other sensitive information in plain text which can be...

7.1CVSS5.8AI score0.00155EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 4:15 p.m.9 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Commons Lang (CVE-2025-48924)

Summary A vulnerability in Apache Commons Lang that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

5.3CVSS6.6AI score0.02164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 3:29 p.m.7 views

Security Bulletin: IBM WebSphere Application Server Liberty is affected by a prototype pollution vulnerability due to immutable (CVE-2026-29063)

Summary There is a vulnerability in the immutable library which affects IBM WebSphere Application Server Liberty with the openapi-3.0, openapi-3.1, mpOpenAPI-1.0, mpOpenAPI-1.1, mpOpenAPI-2.0, mpOpenAPI-3.0 mpOpenAPI-3.1, mpOpenAPI-4.0 or mpOpenAPI-4.1 feature enabled. Vulnerability Details...

9.8CVSS5.8AI score0.00978EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 2:58 p.m.9 views

Security Bulletin: IBM Sterling Connect:Direct FTP+ is vulnerable to various attacks due to IBM Runtime Environment Java Technology Edition Version 17

Summary IBM Java 17 is used by IBM Sterling Connect:Direct FTP+ on AIX, Linux, and Windows platforms in product configuration and data transmission. IBM Sterling Connect:Direct FTP+ on AIX, Linux, and Windows platforms is impacted by vulnerabilities in IBM Java 17. IBM Sterling Connect:Direct FTP...

9.8CVSS6.3AI score0.00864EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 2:26 p.m.5 views

Security Bulletin: Communications Server (CS) for Data Center Deployment and CS for AIX are affected by: IBM Java: Buffer overflow vulnerability in OMR allows denial-of-service

Summary Communications Server CS for Data Center Deployment and CS for AIX install a local Java JRE in its product directories. This JRE is used solely for the IBM Key Manager ikeyman tool which is called by the snakeyman script used for managing the SSL key database used by the TN3270 Server and...

9.8CVSS6.2AI score0.00491EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 2:25 p.m.6 views

Security Bulletin: Communications Server (CS) for Data Center Deployment, CS for Linux, and CS for Linux on System z are affected by: IBM Java: Buffer overflow vulnerability in OMR allows denial-of-service

Summary Communications Server CS for Data Center Deployment, CS for Linux, and CS for Linux on System z install a local Java JRE in its product directories. This JRE is used solely for the IBM Key Manager ikeyman tool which is called by the snakeyman script used for managing the SSL key database...

9.8CVSS6.2AI score0.00491EPSS
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 2:18 p.m.7 views

Security Bulletin: IBM Datapower Operations Dashboard could allow HTTP Parameter Pollution CVE-2025-7783

Summary form-data is used by the IBM Datapower Operations Dashboard for their streaming implementation Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution HPP. This vulnerability is associated with...

9.4CVSS7.1AI score0.01735EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 2:10 p.m.11 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to handshake corruption due to the crypto/tls package (CVE-2025-68121)

Summary Crypto/tls is used as part of secure encryption by DataStage on Cloud Pak for Data. Vulnerability Details CVEID:CVE-2025-68121 DESCRIPTION: During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the...

10CVSS5.9AI score0.00765EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 1:54 p.m.19 views

Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty and Expat that are shipped with IBM CICS TX Standard.

Summary Security vulnerabilities may affect IBM WebSphere Liberty and Expat that are shipped with IBM CICS TX Standard CVE-2025-14914, CVE-2022-23990, CVE-2024-28757, CVE-2025-59375 and CVE-2025-12635. IBM WebSphere Liberty and Expat have been updated within IBM CICS TX Standard to address these...

7.6CVSS5.9AI score0.03992EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 1:36 p.m.5 views

Security Bulletin: Due to the use of flatted, IBM DevOps Solution Workbench ist affected by leaking a live reference to Array.Prototype

Summary flatted is used internally within IBM DevOps Solution Workbench Vulnerability Details CVEID:CVE-2026-33228 DESCRIPTION: flatted is a circular JSON parser. Prior to version 3.4.2, the parse function in flatted can use attacker-controlled string values from the parsed JSON as direct array...

9.8CVSS6AI score0.00808EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 1:26 p.m.11 views

Security Bulletin: IBM DevOps Release addresses multiple vulnerabilities related to Apache Tomcat.

Summary IBM DevOps Release 7.0.0.6 addresses multiple vulnerabilities related to Apache Tomcat. Vulnerability Details CVEID:CVE-2025-12383 DESCRIPTION: In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignoring of critical SSL configurations - such as mutual authentication...

9.6CVSS5.8AI score0.66535EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 1:23 p.m.3 views

Security Bulletin: A heap-based buffer overflow flaw affects CICS Transaction Gateway for Multiplatforms container (CVE-2022-0185)

Summary A heap-based buffer overflow flaw affects CICS Transaction Gateway for Multiplatforms container. CICS Transaction Gateway for Multiplatforms container has documented how to address the applicable vulnerability. Vulnerability Details CVEID:CVE-2022-0185 DESCRIPTION: A heap-based buffer...

8.4CVSS7AI score0.25151EPSS
Exploits11Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 11:41 a.m.5 views

Security Bulletin: SOAR App Host is using a component with a known vulnerability (CVE-2026-1188)

Summary IBM SOAR App Host uses an older version of the OMR component in OpenJ9 JVM that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 1.15.7.0 Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTIO...

9.8CVSS7.5AI score0.00491EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 7:29 a.m.7 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/crypto which is vulnerable to CVE-2025-47914, CVE-2025-58181

Summary IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/crypto which is vulnerable to CVE-2025-47914, CVE-2025-58181 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2025-47914 DESCRIPTION: SSH Agent...

5.3CVSS6.7AI score0.00521EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 7:28 a.m.5 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.2.tgz which is vulnerable to CVE-2026-23950

Summary IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.2.tgz which is vulnerable to CVE-2026-23950. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-23950 DESCRIPTION: node-tar,a Tar for Node.js, has ...

8.8CVSS6.1AI score0.00233EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 7:11 a.m.4 views

Security Bulletin: IBM Maximo Application Suite - Predict Component was using vulnerable library werkzeug-3.1.3 which is vulnerable to CVE-2025-66221

Summary IBM Maximo Application Suite - Predict Component was using vulnerable library werkzeug-3.1.3-py3-none-any.whl which is vulnerable to CVE-2025-66221. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-66221 DESCRIPTION: Werkzeug is a...

6.3CVSS6.6AI score0.00474EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 7:9 a.m.4 views

Security Bulletin: IBM Maximo Application Suite - Predict Component was using vulnerable library urllib3-2.6.2 which is vulnerable to CVE-2026-21441

Summary IBM Maximo Application Suite - Predict Component was using vulnerable library urllib3-2.6.2-py3-none-any.whl which is vulnerable to CVE-2026-21441. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-21441 DESCRIPTION: urllib3 is an HTTP...

8.9CVSS6.7AI score0.02667EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 7:5 a.m.6 views

Security Bulletin: IBM Maximo Application Suite - Predict Component was using vulnerable library pyasn1-0.6.1 which is vulnerable to CVE-2026-23490

Summary IBM Maximo Application Suite - Predict Component was using vulnerable library pyasn1-0.6.1-py3-none-any.whl which is vulnerable to CVE-2026-23490. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-23490 DESCRIPTION: pyasn1 is a generic...

7.5CVSS6.7AI score0.00679EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 6:56 a.m.7 views

Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images

Summary Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images Vulnerability Details CVEID:CVE-2025-9086 DESCRIPTION: 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target same...

9.8CVSS7.7AI score0.47621EPSS
Exploits10Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 7:53 p.m.3 views

Security Bulletin: Vulnerabilities in Storybook affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Storybook has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-68429 DESCRIPTION:...

7.3CVSS7AI score0.00235EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 7:50 p.m.4 views

Security Bulletin: Vulnerabilities affect IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerabilities have been identified that affect IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-47914 DESCRIPTION: SSH Agent...

5.3CVSS6.7AI score0.00521EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 7:49 p.m.4 views

Security Bulletin: Vulnerabilities in Quarkus affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Quarkus has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-66560 DESCRIPTION: Quarkus ...

7.5CVSS5.7AI score0.00349EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 7:47 p.m.4 views

Security Bulletin: Vulnerability affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input...

6.3CVSS6.3AI score0.0041EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 7:47 p.m.9 views

Security Bulletin: Vulnerabilities in Undici affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Undici has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2026-22036 DESCRIPTION: Undici is...

7.5CVSS7AI score0.00433EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 7:46 p.m.3 views

Security Bulletin: Vulnerability affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2026-2391 DESCRIPTION: Summary The arrayLim...

7.5CVSS6.2AI score0.00478EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 7:43 p.m.4 views

Security Bulletin: Vulnerabilities in Netty affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-67735 DESCRIPTION: Netty is a...

6.5CVSS6.5AI score0.00292EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 7:42 p.m.5 views

Security Bulletin: Vulnerabilities in juliangruber affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in juliangruber has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-5889 DESCRIPTION: A...

3.1CVSS4.4AI score0.00459EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 7:41 p.m.7 views

Security Bulletin: Vulnerability affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-8869 DESCRIPTION: When extracting a ta...

5.9CVSS6.7AI score0.00438EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 7:40 p.m.7 views

Security Bulletin: Vulnerabilities in affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2026-23745 DESCRIPTION: node-tar is a Ta...

8.2CVSS6.5AI score0.00334EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 7:39 p.m.7 views

Security Bulletin: Vulnerabilities in wheel affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in wheel has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2026-24049 DESCRIPTION: wheel is a...

7.1CVSS7.4AI score0.00311EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 4:22 p.m.17 views

Security Bulletin: Enumeration of users, compromised data confidentiality and integrity, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service

Summary IBM Storage Defender - Resiliency Service is vulnerable to enumeration of users, compromised data confidentiality and integrity, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-22029 DESCRIPTION: React Router is a router for React. In...

8.1CVSS6.8AI score0.02591EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 4:3 p.m.9 views

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by a vulnerability in jsPDF (CVE-2025-57810)

Summary A vulnerability in jsPDF CVE-2025-57810 used by IBM InfoSphere Optim Archive Viewer has been addressed by upgrading the library to version 4.0.0. Vulnerability Details CVEID:CVE-2025-57810 DESCRIPTION: jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.2, user control of the...

8.7CVSS6.4AI score0.00653EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 4:1 p.m.7 views

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by a vulnerability in form-data (CVE-2025-7783)

Summary A vulnerability in the form-data library CVE-2025-7783 used by IBM InfoSphere Optim Archive Viewer has been addressed by upgrading the library to version 4.0.5. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of Insufficiently Random Values vulnerability in form-data allows HTT...

9.4CVSS6.6AI score0.01735EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 3:13 p.m.9 views

Security Bulletin: Multiple Vulnerabilities in IBM watsonx Code Assistant On Prem

Summary Multiple vulnerabilities were addressed in IBM watsonx Code Assistant On Prem V5.3.1 Vulnerability Details CVEID:CVE-2026-1525 DESCRIPTION: Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names e.g., Content-Length and content-lengt...

9.8CVSS6AI score0.0115EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 2:6 p.m.7 views

Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in Python affects IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes required to resolve the vulnerabilities. Vulnerability Details...

6.5CVSS7.4AI score0.00184EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 1:59 p.m.7 views

Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation

Summary A security vulnerability in Python affects IBM Robotic Process Automation. Python is used by IBM Robotic Process Automation as part of its deployment. This bulletin identifies the fixes required to resolve the vulnerabilities. Vulnerability Details CVEID:CVE-2025-68146 DESCRIPTION: filelo...

6.5CVSS7.4AI score0.00184EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 1:58 p.m.4 views

Security Bulletin: Security vulnerability in nginx affects IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in nginx affects IBM Robotic Process Automation for Cloud Pak. Nginx is used by IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes required to resolve the vulnerabilities. Vulnerability Details...

5.3CVSS6.8AI score0.02646EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 1:44 p.m.9 views

Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in Python affects IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes required to resolve the vulnerabilities. Vulnerability Details...

6.3CVSS6.6AI score0.00474EPSS
Exploits0Affected Software1
Total number of security vulnerabilities35598