Lucene search
K

35608 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 9:44 p.m.6 views

Security Bulletin: IBM FoundationDB Operator Vulnerable to kube-apiserver vulnerability (CVE-2022-3172)

Summary IBM FoundationDB Operator addressed kube-apiserver vulnerability. Vulnerability Details CVEID:CVE-2022-3172 DESCRIPTION: A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing...

8.2CVSS5.4AI score0.02464EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 9:31 p.m.9 views

Security Bulletin: Go Vulnerabilities affect IBM IBM Database Operator for FoundationDB (CVE-2022-27191, CVE-2021-43565)

Summary The issue has been fixed as part of Cloud Pak for Data release 4.6 Vulnerability Details CVEID:CVE-2022-27191 DESCRIPTION: Go ssh package is vulnerable to a denial of service, caused by an unspecified flaw in certain circumstances involving AddHostKey. By sending a specially-crafted...

7.5CVSS8.6AI score0.03931EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 7:18 p.m.6 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a denial of service due to jose4j (CVE-2024-29371)

Summary There is a vulnerability in the jose4j library used by IBM WebSphere Application Server traditional and WebSphere Application Server Liberty. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before 0.9.6, an attacker can cause a Denial-of-Service DoS condition by crafting...

7.5CVSS5.5AI score0.00244EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 7:11 p.m.7 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Use of Insufficiently Random Values vulnerability (CVE-2025-7783)

Summary There is 1 vulnerability in form-data-2.3.3.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-7783. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of Insufficiently Random Values vulnerability in form-data allows HTTP...

9.4CVSS5.4AI score0.01735EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 6:44 p.m.4812 views

Security Bulletin: FDB

Summary The library is included as part of the GO installed and not directly affect the product in any means. The go version has been updated since then and has been fixed. This only affect pre-CPD 4.5 Vulnerability Details CVEID:CVE-2022-21698 DESCRIPTION: Prometheus Go client library clientgola...

7.5CVSS5.6AI score0.05994EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 5:25 p.m.8 views

Security Bulletin: Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Advanced

Summary Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Advanced. An update to IBM CICS TX Advanced has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an AP...

9.8CVSS6.2AI score0.00864EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 5:19 p.m.9 views

Security Bulletin: Security vulnerabilities may affect IBM Java shipped with TXSeries for Multiplatforms.

Summary Security vulnerabilities may affect IBM Java shipped with TXSeries for Multiplatforms. An update to TXSeries for Multiplatforms has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused ...

9.8CVSS6.2AI score0.00864EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 5:18 p.m.15 views

Security Bulletin: TSSC/IMC addresses multiple security vulnerabilities.

Summary TSSC/IMC addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2025-14523 DESCRIPTION: A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common...

9.8CVSS6.2AI score0.4269EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 5:12 p.m.7 views

Security Bulletin: Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Standard

Summary Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Standard. An update to IBM CICS TX Standard has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily...

9.8CVSS6.2AI score0.00864EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 5:4 p.m.11 views

Security Bulletin: IBM Sterling Transformation Extender is affected by MongoBleed security vulnerability

Summary IBM Sterling Transformation Extender uses MongoDB and is affected by MongoBleed security vulnerability CVE-2025-14847. Vulnerability Details CVEID:CVE-2025-14847 DESCRIPTION: Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an...

8.7CVSS5.7AI score0.83007EPSS
Exploits39Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 4:33 p.m.6 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to sensitive information leak due to HTTP response (CVE-2025-13616)

Summary DataStage on Cloud Pak for Data is vulnerable to sensitive information leak due to HTTP response Vulnerability Details CVEID:CVE-2025-13616 DESCRIPTION: IBM DataStage on Cloud Pak for Data returns sensitive information in an HTTP response that could be used in further attacks against the...

7.5CVSS5.4AI score0.00226EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 4:32 p.m.9 views

Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Node.js and LangChain

Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple vulnerabilities in Node.js and LangChain. CVE-2025-65945, CVE-2025-68664, CVE-2025-12758 The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-65945 DESCRIPTION:...

9.3CVSS5.9AI score0.1383EPSS
Exploits8Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 4:28 p.m.15 views

Security Bulletin: Multiple vulnerabilities in DataStage on Cloud Pak for Data

Summary DataStage on Cloud Pak for Data is vulnerable to multiple software vulnerabilities due to open source packages. Vulnerability Details CVEID:CVE-2025-61724 DESCRIPTION: The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the...

8.6CVSS7AI score0.00689EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 4:10 p.m.7 views

Security Bulletin: SPSS Collaboration and Deployment Services is affected by vulnerabilities in body-parser (CVE-2025-13466) and qs (CVE-2025-15284, CVE-2026-2391)

Summary SPSS Collaboration and Deployment Services is affected by vulnerabilities in body-parser CVE-2025-13466 and qs CVE-2025-15284, CVE-2026-2391. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability...

7.5CVSS5.7AI score0.00478EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 3:8 p.m.6 views

Security Bulletin: A vulnerability in WebSphere Application Server Liberty affects IBM License Metric Tool

Summary There is a vulnerability in the WebSphere Application Server Liberty used by IBM License Metric Tool. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.12 are affected by...

5.4CVSS5.2AI score0.00139EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 9:46 a.m.10 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationRuntime and IntegrationServer operands are vulnerable to denial of service (CVE-2026-0621)

Summary Node.js module @modelcontextprotocol/sdk is found in IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container IntegrationRuntime and IntegrationServer operands are vulnerable to denial of service. This bulletin provides patch information to address th...

8.7CVSS4.8AI score0.00399EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 8:51 a.m.10 views

Security Bulletin: Vulnerability in libxml2 affects IBM Cloud Pak System[CVE-2025-6021]

Summary A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. Vulnerability was addressed in IBM Cloud Pak System version 2.3.6.1. Vulnerability Details CVEID:CVE-2025-6021 DESCRIPTION: A flaw was found...

7.5CVSS6AI score0.01067EPSS
Exploits1Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 4:42 a.m.10 views

Security Bulletin: IBM Automation Decision Services for Jan 2026- Multiple CVEs addressed

Summary IBM Automation Decision Services is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-7783...

9.4CVSS6.5AI score0.01735EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/25 4:9 a.m.9 views

Security Bulletin: The IBM SPSS Collaboration and Deployment Services impacted by multiple vulnerabilities disclosed in IBM Semeru Runtime

Summary The IBM SPSS Collaboration and Deployment Services impacted by multiple vulnerabilities disclosed in IBM Semeru Runtime CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925, CVE-2026-1188. These vulnerabilities are addressed. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTIO...

9.8CVSS6.2AI score0.00864EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 10:29 p.m.7 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Inefficient Regular Expression Complexity (CVE-2025-27789)

Summary There are vulnerabilities in helpers-7.21.5.tgz, helpers-7.22.6.tgz, helpers-7.25.0.tgz, runtime-7.21.0.tgz, runtime-7.22.10.tgz, runtime-7.23.2.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-27789. The vulnerabilities have been addressed. Vulnerability Details...

6.2CVSS5.4AI score0.00478EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 10:29 p.m.7 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Allocation of Resources Without Limits or Throttling vulnerability (CVE-2025-8885)

Summary There is a vulnerability in bc-fips-1.0.2.5.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-8885. The vulnerability has/vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-8885 DESCRIPTION: Allocation of Resources Without Limits or Throttling...

6.3CVSS5.5AI score0.00505EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 9:9 p.m.8 views

Security Bulletin: Improper neutralization of null bytes may lead to buffer over-reads in MongoDB Server affecting MongoDB Enterprised Advanced (CVE-2024-10921)

Summary There is a vulnerability in MongoDB Server used in MongoDB Enterprised Advanced for IBM, involving improper neutralization of null bytes may lead to buffer over-reads in MongoDB Server. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2024-10921 DESCRIPTION: An...

8.1CVSS5.7AI score0.00537EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:20 p.m.9 views

Security Bulletin: Vulnerabilities in body-parser-2.2.0.tgz affecting MongoDB Enterprised Advanced (CVE-2025-13466)

Summary There is a vulnerability in body-parser-2.2.0.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-13466. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-13466 DESCRIPTION: body-parser 2.2.0 is vulnerable to denial of service due to inefficient...

6.9CVSS5.5AI score0.00342EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:19 p.m.7 views

Security Bulletin: Vulnerabilities in ai-5.0.26.tgz affecting MongoDB Enterprised Advanced (CVE-2025-48985)

Summary There is a vulnerability in ai-5.0.26.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-48985. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-48985 DESCRIPTION: A vulnerability in Vercel’s AI SDK has been fixed in versions 5.0.52, 5.1.0-beta....

5.3CVSS5.5AI score0.00259EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:17 p.m.9 views

Security Bulletin: Vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar affecting MongoDB Enterprised Advanced (CVE-2025-58056, CVE-2025-58057, CVE-2025-67735)

Summary There are vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-58056, CVE-2025-58057, CVE-2025-67735. The vulnerabilities have been addressed. Vulnerabilit...

7.5CVSS5.4AI score0.00631EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:15 p.m.6 views

Security Bulletin: Vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar affecting MongoDB Enterprised Advanced (CVE-2025-58057)

Summary There are vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-58057. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-58057...

7.5CVSS5.4AI score0.00561EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:14 p.m.8 views

Security Bulletin: Vulnerabilities in logback-core-1.5.16.jar, logback-core-1.5.19.jar, logback-core-1.5.22.jar affecting MongoDB Enterprised Advanced (CVE-2026-1225)

Summary There are vulnerabilities in logback-core-1.5.16.jar, logback-core-1.5.19.jar, logback-core-1.5.22.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-1225. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-1225 DESCRIPTION: ACE vulnerability i...

1.8CVSS5.5AI score0.00159EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:13 p.m.8 views

Security Bulletin: Vulnerabilities in COMPONENT_NAME_HERE affecting MongoDB Enterprised Advanced (CVE-2024-29371)

Summary There is a vulnerability in jose4j-0.9.4.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2024-29371. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before 0.9.6, an attacker can cause a Denial-of-Service DoS conditio...

7.5CVSS5.4AI score0.00244EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:12 p.m.11 views

Security Bulletin: Vulnerabilities in commons-codec-1.11.jar affecting MongoDB Enterprised Advanced (CVE-2020-15250, CVE-2025-48924)

Summary There are 2 vulnerabilities in commons-codec-1.11.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2020-15250, CVE-2025-48924. The vulnerabilities have been addressed. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attack...

5.5CVSS5.6AI score0.02164EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:10 p.m.7 views

Security Bulletin: Vulnerabilities in qs-6.11.0.tgz, qs-6.13.0.tgz affecting MongoDB Enterprised Advanced (CVE-2025-15284)

Summary There are 2 vulnerabilities in qs-6.11.0.tgz, qs-6.13.0.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-15284. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability in qs parse modules...

6.3CVSS5.6AI score0.0041EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:8 p.m.7 views

Security Bulletin: Vulnerabilities in jersey-client-3.1.0.jar affecting MongoDB Enterprised Advanced (CVE-2025-12383)

Summary There is a vulnerability in jersey-client-3.1.0.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-12383. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-12383 DESCRIPTION: In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cau...

9.4CVSS5.5AI score0.00271EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:4 p.m.8 views

Security Bulletin: Vulnerabilities in js-yaml-3.14.1.tgz, js-yaml-4.1.0.tgz affecting MongoDB Enterprised Advanced (CVE-2025-64718)

Summary There are vulnerabilities in js-yaml-3.14.1.tgz, js-yaml-4.1.0.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-64718. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-64718 DESCRIPTION: js-yaml is a JavaScript YAML parser and dumper. In...

5.3CVSS5.5AI score0.00378EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:2 p.m.8 views

Security Bulletin: Vulnerabilities in logback-core-1.5.16.jar affecting MongoDB Enterprised Advanced (CVE-2025-11226)

Summary There is a vulnerability in logback-core-1.5.16.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-11226. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-11226 DESCRIPTION: ACE vulnerability in conditional configuration file processing by QOS.C...

7CVSS6.1AI score0.00181EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 6:58 p.m.8 views

Security Bulletin: Vulnerabilities in tar-fs-2.1.1.tgz affecting MongoDB Enterprised Advanced (CVE-2025-59343)

Summary There is a vulnerability in tar-fs-2.1.1.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-59343. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-59343 DESCRIPTION: tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.1.1,...

8.7CVSS5.4AI score0.00516EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 5:26 p.m.9 views

Security Bulletin: IBM Integration Designer is vulnerable to incorrect Calculation of Buffer Size (CVE-2026-1188)

Summary Vulnerability in the IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed CVE-2026-1188. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to...

9.8CVSS5.8AI score0.00491EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 5:25 p.m.10 views

Security Bulletin: IBM Installation Manager is affected by a vulnerability in the IBM SDK Java Technology Edition.

Summary There is a vulnerability in the IBM® SDK, Java™ Technology Edition Versions 8 used by IBM Installation Manager and IBM Packaging Utility. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to return the...

9.8CVSS5.8AI score0.00491EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 5:23 p.m.12 views

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to Incorrect Calculation of Buffer Size due to IBM Java (CVE-2026-1188)

Summary IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to Incorrect Calculation of Buffer Size due to IBM Java. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual...

9.8CVSS5.8AI score0.00491EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 5:21 p.m.12 views

Security Bulletin: A vulnerability in IBM Java Runtime affects Tivoli Netcool/OMNIbus ( CVE-2026-1188)

Summary A vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by Tivoli Netcool/OMNIbus has been addressed. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to return the...

9.8CVSS5.7AI score0.00491EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 5:14 p.m.12 views

Security Bulletin: Vulnerability in IBM® Java SDK affects WebSphere Service Registry and Repository due to CVE-2026-1188

Summary A buffer overflow vulnerability in IBM® SDK, Java™ Technology Edition affects IBM WebSphere Service Registry and Repository. This issue is also addressed by WebSphere Application Server shipped with WebSphere Service Registry and Repository. Vulnerability Details CVEID:CVE-2026-1188...

9.8CVSS5.9AI score0.00491EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 5:2 p.m.11 views

Security Bulletin: AIX Xorg X Server is vulnerable to memory corruption or a denial of service (CVE-2025-62230, CVE-2025-62231)

Summary Updated Feb 24 2026: New iFix for 7.3 TL3 SP2 provided with correct fileset prereqs. Updated the affected fileset levels to show that 7.3 TL3 SP2 is vulnerable. Vulnerabilities in Xorg X Server could cause a memory corruption or denial of service CVE-2025-62230, CVE-2025-62231...

7.3CVSS7.6AI score0.00281EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 5:0 p.m.9 views

Security Bulletin: Vulnerability in IBM® Java SDK affects IBM WebSphere Application Server and WebSphere Application Server Liberty due to CVE-2026-1188

Summary There is a vulnerability in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE listed in this document might affect some configurations of IBM WebSphere Application Server traditional and IBM...

9.8CVSS6AI score0.00491EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 4:55 p.m.10 views

Security Bulletin: Multiple vulnerabilities affect IBM® Semeru Runtime (CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925, CVE-2026-1188)

Summary This bulletin for IBM Semeru Runtime covers all applicable Java SE CVEs published by OpenJDK as part of their January 2026 Vulnerability Advisory, plus CVE-2026-1188. For more information please refer to OpenJDK's January 2026 Vulnerability Advisory and the CVE links below. Vulnerability...

9.8CVSS6.2AI score0.00864EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 4:39 p.m.16 views

Security Bulletin: Security vulnerability affects IBM® SDK, Java™ Technology Edition (CVE-2026-1188)

Summary Security vulnerability has been addressed in IBM® SDK, Java™ Technology Edition. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to return the textual names of all supported processor features was not...

9.8CVSS5.7AI score0.00491EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 1:45 p.m.8 views

Security Bulletin: IBM webMethods BPM is vulnerable to Out-of-bounds memory operations in org.lz4:lz4-java.

Summary IBM webMethods BPM uses lz4-java which is pulled in automatically as a dependency of webmethods event streaming library. Vulnerability Details CVEID:CVE-2025-12183 DESCRIPTION: Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of...

8.8CVSS5.5AI score0.00647EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 1:2 p.m.9 views

Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments

Summary IBM java SDK is used by Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows an remote attacker to cause a...

7.5CVSS5.7AI score0.00864EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 12:56 p.m.9 views

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent

Summary Vulnerabilities in IBM SDK Java Technology Edition that is shipped as part of agent framework in ITCAM for Applications WebSphere MQ Monitoring Agent. CVEs: CVE-2026-21945, CVE-2026-21932 Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service,...

7.5CVSS5.7AI score0.00864EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 12:46 p.m.24 views

Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect VMware Agent from IBM Tivoli Monitoring for Virtual Environments.

Summary IBM java SDK is used by VMware Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows an remote attacker to cause a han...

7.5CVSS5.7AI score0.00864EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 8:50 a.m.90 views

Security Bulletin: IBM® Db2® is vulnerable to a denial of service as the server may terminate under certain conditions (CVE-2025-36009)

Summary IBM® Db2® is vulnerable to a denial of service due to excessive use of a global variable. Vulnerability Details CVEID:CVE-2025-36009 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to excessive...

6.5CVSS5.5AI score0.00339EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 6:14 a.m.14 views

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which are vulnerable to CVEs.

Summary BM Maximo Application Suite uses "github.com/opencontainers/runc v1.1.13, java 1.8.0391 , java17" which are vulnerable to "CVE-2025-31133, CVE-2025-52565,CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20922, CVE-2024-20923, CVE-2024-20925, CVE-2024-20926, CVE-2024-20945,...

8.4CVSS5.8AI score0.01026EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 6:11 a.m.8 views

Security Bulletin: IBM Maximo Application Suite uses net/http 1.23.4,1.24.2,1.24.3,crypto/x509 1.24.2,1.24.3 which is vulnerable to CVE-2025-4673, CVE-2025-22874.

Summary IBM Maximo Application Suite uses net/http 1.23.4,1.24.2,1.24.3, crypto/x509 1.24.2,1.24.3 which is vulnerable to CVE-2025-4673,CVE-2025-22874. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-4673 DESCRIPTION:...

7.5CVSS5.4AI score0.0056EPSS
Exploits0Affected Software1
Total number of security vulnerabilities35608