Security Bulletin: IBM® Db2® is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling (CVE-2026-10109)
Summary IBM® Db2® is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling. Vulnerability Details CVEID:CVE-2026-10109 DESCRIPTION: IBM Db2 is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling. CWE:CWE-94: Improper Control of...
Security Bulletin: IBM® Db2® federated server is vulnerable to a denial of service due to improper neutralization of special elements in the data query logic of XMLTable-derived columns by an authenticated user (CVE-2026-11906)
Summary IBM® Db2® federated server is vulnerable to a denial of service due to improper neutralization of special elements in the data query logic of XMLTable-derived columns by an authenticated user. Vulnerability Details CVEID:CVE-2026-11906 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows...
Security Bulletin: IBM® Db2® is affected by vulnerabilities in bcprov-jdk18on-1.82 and bcpkix-jdk18on-1.82.
Summary IBM® Db2® is affected by vulnerabilities in bcprov-jdk18on-1.82 and bcpkix-jdk18on-1.82. Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all core modules. This...
Security Bulletin: IBM® Db2® federated server is affected by multiple vulnerabilities in log4j v2.25.3.
Summary IBM® Db2® federated server is affected by multiple vulnerabilities in log4j v2.25.3. Vulnerability Details CVEID:CVE-2026-34480 DESCRIPTION: Apache Log4j Core's XmlLayout (https://logging.apache.org/log4j/2.x/manual/layouts.html#XmlLayout), in versions up to and including 2.25.3, fails to...
Security Bulletin: IBM® Db2® federated server is affected by multiple vulnerabilities in Netty open source libraries.
Summary IBM® Db2® federated server is affected by multiple vulnerabilities in Netty open source libraries. Vulnerability Details CVEID:CVE-2026-33871 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, a remote us...
Security Bulletin: IBM® Db2® could disclose sensitive information to an authenticated user from the monitoring and event tables (CVE-2025-36372)
Summary IBM® Db2® could disclose sensitive information to an authenticated user from the monitoring and event tables (CVE-2025-36372). Vulnerability Details CVEID:CVE-2025-36372 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could disclose sensitive information to an...
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to an Insertion of Sensitive Information Into Sent Data vulnerability (CVE-2026-12085)
Summary IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) could disclose sensitive configurations and secrets to authenticated users in API responses, which could be used in further attacks against the system (CVE-2026-12085). Vulnerability Details CVEID:CVE-2026-12085 DESCRIPTION: IBM DevOps Deploy coul...
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to an Insertion of Sensitive Information into Log File vulnerability (CVE-2026-12086)
Summary The IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) installer potentially logs sensitive information in a way that could be read by a local user (CVE-2026-12086). Vulnerability Details CVEID:CVE-2026-12086 DESCRIPTION: IBM DevOps Deploy stores potentially sensitive information in log files that...
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to a Permissive Cross-domain Security Policy with Untrusted Domains (CVE-2026-12084)
Summary IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) uses Cross-Origin Resource Sharing (CORS) without limiting the allowed origins to trusted domains, which could allow an attacker to carry out privileged actions and retrieve sensitive information (CVE-2026-12084). Vulnerability Details...
Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to an Exposure of Sensitive Information Vulnerability (CVE-2026-10569)
Summary IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to an Exposure of Sensitive Information vulnerability in plugin output logs. This exposure could allow an attacker with access to the logs to obtain sensitive values related to that step (CVE-2026-10569). Vulnerability...
Security Bulletin: Unauthenticated Cross-User MCP Resource Access and Tool Execution via Streamable Transport Authorization Bypass
Summary An improper authorization vulnerability in the Streamable MCP transport endpoint /api/v1/mcp/project/projectid/streamable allows unauthenticated attackers to bypass project ownership controls and execute Model Context Protocol (MCP) operations against OAuth-authenticated projects owned by other...
Security Bulletin: IBM HTTP Server shipped with IBM OpenPages is vulnerable to multiple vulnerabilities
Summary IBM HTTP Server, used by IBM WebSphere Application Server, is shipped as a supporting program of IBM OpenPages. Information about multiple vulnerabilities affecting IBM HTTP Server has been published in a security bulletin. These products have addressed the applicable CVEs. For a...
Security Bulletin: IBM WebSphere Application Server is affected by a remote code execution vulnerability (CVE-2026-11536)
Summary IBM WebSphere Application Server is affected by a remote code execution vulnerability in the SOAP/JMX connector. Vulnerability Details CVEID:CVE-2026-11536 DESCRIPTION: IBM WebSphere Application Server is affected by a remote code execution vulnerability in the SOAP/JMX connector...
Security Bulletin: IBM® Db2® federated server is affected by a vulnerability in log4j-core-2.17.2 (CVE-2025-68161)
Summary IBM® Db2® federated server is affected by a vulnerability in log4j-core-2.17.2 (CVE-2025-68161). Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer...
Security Bulletin: Multiple Vulnerabilities have been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server
Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM HTTP Server has been published in a security bulletin: CVE-2026-29167, CVE-2026-29170, CVE-2026-44186, CVE-2026-34356, CVE-2026-42535, CVE-2026-43951, CVE-2026-44119,...
Security Bulletin: SSRF via HTTP Redirect Following in Langflow API Request Component
Summary Langflow OSS contains an SSRF vulnerability in the API Request component that allows authenticated flow authors to read localhost/private HTTP services via redirect following. APIRequestComponent.makeapirequest validates only the initial URL with validateandresolveurl and pins DNS for the initial hostname,...
Security Bulletin: DNS Rebinding TOCTOU Bypass of SSRF Protection in Langflow OSS URL Component
Summary Langflow OSS contains a DNS rebinding TOCTOU vulnerability that bypasses its SSRF protection. The URL component validates URLs with validateurlforssrf but fetches via RecursiveUrlLoader, which performs an independent DNS resolution, creating an exploitable TOCTOU window. Maintainers fixed an identical issue in...
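The two Langflow bulletins above describe the same class of defect from two angles: a check applied to the first URL only (redirects are followed unchecked), and a check whose DNS answer is not the DNS answer the fetch uses (rebinding between time of check and time of use). The example below is added here to make both failure modes concrete and to show the fix; it is not Langflow's code, does not use its identifiers, and runs against a constructed resolver and a constructed network map (the hostnames attacker.example and rebind.example, the public address 93.184.216.34 and the internal "admin panel" are all hypothetical). The hardened fetcher resolves each hop exactly once, validates that answer, and sends the request to that same address.

```python
import ipaddress
from urllib.parse import urljoin, urlparse

# Constructed stand-in for the network: (resolved IP, path) -> (status, Location, body).
# The public address, the attacker host and the internal admin page are hypothetical.
PUBLIC_IP = "93.184.216.34"
FAKE_NET = {
    (PUBLIC_IP, "/start"): (302, "http://attacker.example/next", ""),
    (PUBLIC_IP, "/next"): (302, "http://127.0.0.1/admin", ""),   # redirect into loopback
    (PUBLIC_IP, "/admin"): (200, None, "public page"),
    ("127.0.0.1", "/admin"): (200, None, "internal admin panel"),
}
REDIRECTS = (301, 302, 303, 307, 308)


class RebindingResolver:
    """Constructed DNS stub: each hostname maps to a list of successive answers.
    A rebinding host answers a public IP first and a private one on every later lookup."""

    def __init__(self, answers):
        self._answers = {host: list(ips) for host, ips in answers.items()}
        self.calls = []  # record of every lookup, so tests can count them

    def resolve(self, hostname):
        self.calls.append(hostname)
        try:
            ipaddress.ip_address(hostname)  # IP literal: nothing to look up
            return hostname
        except ValueError:
            pass
        queue = self._answers[hostname]
        return queue.pop(0) if len(queue) > 1 else queue[0]


def make_resolver():
    """Fresh resolver per scenario; the rebinding host is stateful."""
    return RebindingResolver({
        "attacker.example": [PUBLIC_IP],
        "rebind.example": [PUBLIC_IP, "127.0.0.1"],  # public once, then loopback (TTL-0 rebinding)
    })


def is_blocked_ip(ip_str):
    """Reject anything that is not a globally routable unicast address."""
    ip = ipaddress.ip_address(ip_str)
    return (not ip.is_global or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_unspecified)


def http_get(ip, path):
    """Stand-in for an HTTP request sent to an already-resolved address."""
    return FAKE_NET.get((ip, path), (404, None, ""))


def fetch_validate_first_hop_only(url, resolver, max_hops=5):
    """Vulnerable pattern (first bulletin): the initial URL is validated and its DNS
    answer pinned, but each redirect target is resolved and fetched unchecked."""
    host = urlparse(url).hostname
    ip = resolver.resolve(host)
    if is_blocked_ip(ip):
        raise ValueError(f"blocked: {host} -> {ip}")
    for _ in range(max_hops):
        parsed = urlparse(url)
        if parsed.hostname != host:          # redirected elsewhere: no re-validation
            ip = resolver.resolve(parsed.hostname)
        status, location, body = http_get(ip, parsed.path or "/")
        if status in REDIRECTS and location:
            url = urljoin(url, location)
            continue
        return body
    raise ValueError("too many redirects")


def fetch_validate_then_refetch(url, resolver):
    """Vulnerable pattern (second bulletin): the check resolves the name once, the
    loader resolves it again, and a rebinding answer lands between the two."""
    parsed = urlparse(url)
    if is_blocked_ip(resolver.resolve(parsed.hostname)):   # time of check
        raise ValueError(f"blocked: {parsed.hostname}")
    ip = resolver.resolve(parsed.hostname)                 # time of use: independent lookup
    return http_get(ip, parsed.path or "/")[2]


def fetch_pinned_every_hop(url, resolver, max_hops=5):
    """Hardened: every hop is validated, and the address that passed the check is the
    address the request goes to (one lookup per hop, never a second resolution)."""
    for _ in range(max_hops):
        parsed = urlparse(url)
        if parsed.scheme not in ("http", "https") or not parsed.hostname:
            raise ValueError(f"unsupported URL: {url}")
        ip = resolver.resolve(parsed.hostname)
        if is_blocked_ip(ip):
            raise ValueError(f"blocked: {parsed.hostname} -> {ip}")
        status, location, body = http_get(ip, parsed.path or "/")
        if status in REDIRECTS and location:
            url = urljoin(url, location)   # loop again: the new target gets the same check
            continue
        return body
    raise ValueError("too many redirects")


if __name__ == "__main__":
    print(fetch_validate_first_hop_only("http://attacker.example/start", make_resolver()))
    print(fetch_validate_then_refetch("http://rebind.example/admin", make_resolver()))
    for target in ("http://attacker.example/start", "http://rebind.example/admin"):
        try:
            print(fetch_pinned_every_hop(target, make_resolver()))
        except ValueError as err:
            print("refused:", err)
```

In a real client the "connect to the checked address" step means opening the socket to the pinned IP while still sending the original Host header and, for https, using the original hostname for SNI and certificate verification; a second `getaddrinfo` anywhere between check and connect reopens the rebinding window.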
Security Bulletin: Unauthenticated Server-Side RCE via PythonCodeStructuredTool in Public Flows
Summary Langflow OSS contains an unauthenticated server-side RCE via PythonCodeStructuredTool, which executes attacker-controlled Python through exec at flow-build time. The sink is exec(self.toolcode, globals, localnamespace), where toolcode is an attacker-controlled template field. Two paths: A Authenticated POST...
Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server and WebSphere Application Server Liberty shipped with IBM WebSphere Remote Server
Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM WebSphere Application Server and WebSphere Application Server Liberty has been published in a security bulletin...
Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server and WebSphere Application Server Liberty shipped with IBM WebSphere Remote Server
Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM WebSphere Application Server and WebSphere Application Server Liberty has been published in a security bulletin...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2026-10845)
Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2026-9006)
Summary IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server (CVE-2026-9006) has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
Security Bulletin: Multiple Vulnerabilities have been identified in IBM WebSphere Application Server and WebSphere Application Server Liberty shipped with IBM WebSphere Remote Server
Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM WebSphere Application Server and WebSphere Application Server Liberty has been published in a security bulletin...
Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by HTTP request smuggling (CVE-2026-11541)
Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by remote code execution and HTTP request smuggling. Vulnerability Details CVEID:CVE-2026-11541 DESCRIPTION: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by an...
Security Bulletin: IBM WebSphere Application Server is affected by multiple cross-site scripting vulnerabilities (CVE-2026-11594, CVE-2026-11707, CVE-2026-11383)
Summary IBM WebSphere Application Server is affected by multiple cross-site scripting vulnerabilities in the administrative console. Vulnerability Details CVEID:CVE-2026-11594 DESCRIPTION: IBM WebSphere Application Server is affected by a cross-site scripting vulnerability in the administrative...
Security Bulletin: Hardcoded credential in the IBM Storage Protect Snapshot For Windows leads to unauthorized access to system
Summary A hardcoded credential in IBM Storage Protect Snapshot for Windows allows a remote unauthenticated attacker to bypass authentication and gain SYSTEM-level access. Vulnerability Details CVEID:CVE-2026-12628 DESCRIPTION: IBM Storage Protect Client 8.1.0.0 through 8.2.1....
Security Bulletin: IBM Maximo Application Suite uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41907.
Summary IBM Maximo Application Suite uses uuid-9.0.1.tgz, which is vulnerable to CVE-2026-41907. This bulletin contains information regarding the vulnerability and its fix. Vulnerability Details CVEID:CVE-2026-41907 DESCRIPTION: uuid is for the creation of RFC9562 (formerly RFC4122) UUIDs. Prior...
Security Bulletin: IBM Maximo Application Suite uses marked-14.0.0.tgz which is vulnerable to CVE-2026-41680
Summary IBM Maximo Application Suite uses marked-14.0.0.tgz, which is vulnerable to CVE-2026-41680. This bulletin contains information regarding the vulnerability and its fix. Vulnerability Details CVEID:CVE-2026-41680 DESCRIPTION: Marked is a markdown parser and compiler. From 18.0.0 to 18.0....
Security Bulletin: IBM WebSphere Application Server Liberty is affected by an arbitrary file read vulnerability (CVE-2026-11806)
Summary IBM WebSphere Application Server Liberty is affected by an arbitrary file read vulnerability with the restConnector-2.0 feature enabled. Vulnerability Details CVEID:CVE-2026-11806 DESCRIPTION: IBM WebSphere Application Server Liberty is affected by an arbitrary file read vulnerability wit...
Security Bulletin: IBM WebSphere Application Server Liberty is affected by multiple vulnerabilities due to Neethi (CVE-2026-42402, CVE-2026-42403, CVE-2026-42404)
Summary There is a vulnerability in the Neethi library which affects IBM WebSphere Application Server Liberty with the jaxws-2.2, xmlWS-3.0 or xmlWS-4.0 feature enabled. Vulnerability Details CVEID:CVE-2026-42402 DESCRIPTION: Apache Neethi is vulnerable to a Denial of Service attack through...
Security Bulletin: IBM Enterprise Build of Quarkus is affected by an authentication/authorization bypass vulnerability
Summary IBM Enterprise Build of Quarkus is affected by an authentication/authorization bypass vulnerability. Vulnerability Details ID: CVE-2026-50559 DESCRIPTION: Quarkus is a Java framework for building cloud-native applications. Prior to versions 3.37.0, 3.36.3, 3.33.2.1,...
Security Bulletin: IBM Watson Discovery Cartridge is affected by vulnerabilities in tomcat-embed-core-9.0.115.jar
Summary IBM Watson Discovery Cartridge is affected by vulnerabilities in tomcat-embed-core-9.0.115.jar. Vulnerability Details CVEID:CVE-2026-24880 DESCRIPTION: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Apache Tomcat via invalid chunk extension. Th...
Security Bulletin: Multiple Vulnerabilities affect IBM License Metric Tool v9
Summary Multiple vulnerabilities have been addressed in components used by IBM License Metric Tool. Vulnerability Details CVEID:CVE-2026-34477 DESCRIPTION: The fix for CVE-2025-68161 (https://logging.apache.org/security.html#CVE-2025-68161) was incomplete: it addressed hostname verification only when...
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are affected by a vulnerability in follow-redirects
Summary Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are affected by a vulnerability in follow-redirects (CVE-2026-40895). The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects is an open source, drop-in...
Security Bulletin: Multiple Vulnerabilities in IBM Data Product Hub
Summary Multiple vulnerabilities were addressed in IBM Data Product Hub version 5.3.1 Patch 7 and 5.4.0. Vulnerability Details CVEID:CVE-2026-34282 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...
Security Bulletin: IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities in Apache PDFBox
Summary Vulnerabilities have been identified in Apache PDFBox, which is used in IBM Engineering Lifecycle Management - Engineering Workflow Management. Vulnerability Details CVEID:CVE-2021-27807 DESCRIPTION: A carefully crafted PDF file can trigger an infinite loop while loading the file. This issu...
Security Bulletin: IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities in FasterXML jackson-databind
Summary Vulnerabilities have been identified in FasterXML jackson-databind, which is used in IBM Engineering Lifecycle Management - Engineering Workflow Management. Vulnerability Details CVEID:CVE-2022-42003 DESCRIPTION: In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resour...
Security Bulletin: Multiple Vulnerabilities in IBM Operator for PostgreSQL
Summary Multiple vulnerabilities were addressed in IBM Operator for PostgreSQL version v28.3.2. Vulnerability Details CVEID:CVE-2026-27145 DESCRIPTION: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a security bypass in python-dotenv [CVE-2026-28684]
Summary IBM Watson Speech Services Cartridge is vulnerable to a security bypass in python-dotenv, due to a flaw allowing a local attacker to overwrite arbitrary files via a crafted symlink when a cross-device rename fallback is triggered. CVE-2026-28684. Python-dotenv is used in our speech...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to incomplete validation in LangChain [CVE-2026-40087]
Summary IBM Watson Speech Services Cartridge is vulnerable to incomplete validation in LangChain, due to flaws in the f-string prompt template (CVE-2026-40087). LangChain is used in our speech runtimes. This vulnerability has been addressed. Please read the details for remediation below...
Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale Container Storage Interface (CSI) are now fixed in Storage Scale Container Native 5.2.3.8 / CSI 2.14.7 and Storage Scale Container Native 6.0.1.0 / CSI 3.1.0 or higher
Summary The following vulnerabilities, which can affect IBM Storage Scale Container Storage Interface (CSI) (CVE-2026-9167), are now fixed in Storage Scale Container Native 5.2.3.8 / CSI 2.14.7 or higher and Storage Scale Container Native 6.0.1.0 / CSI 3.1.0 or higher. Vulnerability Details...
Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in IBM Semeru Runtime
Summary IBM SPSS Modeler is affected by multiple vulnerabilities in IBM Semeru Runtime. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
Security Bulletin: SPSS Collaboration and Deployment Services is affected by Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc
Summary SPSS Collaboration and Deployment Services is affected by Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2026-3505 DESCRIPTION: Allocation of resources without limits o...
Security Bulletin: Multiple vulnerabilities affect CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition.
Summary Due to the use of IBM® Runtime Environment Java™, CICS Transaction Gateway Desktop Edition and CICS Transaction Gateway for Multiplatforms are affected by multiple vulnerabilities. CICS Transaction Gateway for Multiplatforms and CICS Transaction Gateway Desktop Edition have updated the...
Security Bulletin: Critical XXE Vulnerability in Apache Tika Affecting Content Collector for Email, File Systems, and Microsoft SharePoint (CVE-2025-66516)
Summary A critical XML External Entity (XXE) vulnerability in Apache Tika on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside a PDF. An attacker may be able to read sensitive data or trigger malicious requests to internal resources or third-party...
Security Bulletin: Multiple Vulnerabilities identified in IBM Cloud Pak System
Summary Vulnerabilities have been identified in IBM Cloud Pak System. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-38716 DESCRIPTION: IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0 could disclose sensitive information about the...
Security Bulletin: Multiple Vulnerabilities in watsonx.data
Summary Multiple vulnerabilities were addressed in watsonx.data 2.3.1 Patch 6; they were present in versions from watsonx.data 2.3.1 through watsonx.data 2.3.1 Patch 5. Vulnerability Details CVEID:CVE-2026-0621 DESCRIPTION: Anthropic's MCP TypeScript SDK versions up to and including 1.25...
Security Bulletin: Multiple Vulnerabilities in watsonx.data
Summary Multiple vulnerabilities were addressed in watsonx.data 2.3.1 Patch 6; they were present in versions from watsonx.data 2.3.1 through watsonx.data 2.3.1 Patch 5. Vulnerability Details CVEID:CVE-2025-15558 DESCRIPTION: Docker CLI for Windows searches for plugin binaries in...
Security Bulletin: Multiple Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affect WebSphere eXtreme Scale
Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 8 used by WebSphere eXtreme Scale. Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...
Security Bulletin: DataStage on Cloud Pak for Data has several vulnerabilities due to open source software
Summary Open source packages are used as part of the overall processing in DataStage on Cloud Pak for Data. Vulnerability Details CVEID:CVE-2025-13465 DESCRIPTION: Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the .unset and .omit functions. An attacker can pass...