Lucene search
K

35608 matches found

IBM Security Bulletins
IBM Security Bulletins
added 4 hours ago2 views

Security Bulletin: SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in React Router

Summary SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in React Router. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2026-33244 DESCRIPTION: React Router is a router for React. In versions 7.5.1 through 7.13.1, when using...

8.7CVSS6.6AI score0.00416EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 5 hours ago2 views

Security Bulletin: Vulnerability in golang.org/x/net package bundled with IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging and IBM Fusion Content-Aware Storage include the golang.org/x/net package. It cause a running server to panic. CVE-2026-27141 Vulnerability Details CVEID:CVE-2026-27141 DESCRIPTION: Due to missing nil check, sending 0x0a-0x0f HTTP/2...

7.5CVSS5.9AI score0.00501EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 5 hours ago35 views

Security Bulletin: IBM® Db2® is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling (CVE-2026-10109)

Summary IBM® Db2® is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling. Vulnerability Details CVEID:CVE-2026-10109 DESCRIPTION: IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution due to improper pre-auth DRDA handshak...

9.8CVSS6.6AI score0.0086EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 6 hours ago2 views

Security Bulletin: Due to the use of OpenSSL, IBM EntireX is vulnerable to multiple vulnerabilities

Summary Due to the use of OpenSSL, IBM EntireX is vulnerable to multiple vulnerabilities CVE-2026-7383, CVE-2026-9076, CVE-2026-34180, CVE-2026-34181, CVE-2026-34182, CVE-2026-34183, CVE-2026-42764, CVE-2026-42766, CVE-2026-42767, CVE-2026-42768, CVE-2026-42769, CVE-2026-42770, CVE-2026-45445,...

9.1CVSS6.9AI score0.02719EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 6 hours ago3 views

Security Bulletin: IBM® Db2® could disclose sensitive information to an authenticated user from the monitoring and event tables (CVE-2025-36372)

Summary IBM® Db2® could disclose sensitive information such as access keys to an authenticated user from the monitoring and event tables. CVE-2025-36372 Vulnerability Details CVEID:CVE-2025-36372 DESCRIPTION: IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows...

6.5CVSS5.8AI score0.00303EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 7 hours ago2 views

Security Bulletin: Vulnerability in Pillow package bundled with IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, IBM Fusion Data Cataloging and IBM Fusion Content-Aware Storage include Pillow library, which is susceptible to out-of-bound write, DoS vulnerabilities CVE-2026-25990, CVE-2026-40192. Vulnerability Details CVEID:CVE-2026-25990 DESCRIPTION: Pillow is a Python...

8.7CVSS5.9AI score0.00671EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 7 hours ago2 views

Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in DataView

Summary IBM SPSS Modeler is affected by multiple vulnerabilities in DataView. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-58457 DESCRIPTION: Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore command...

9.1CVSS7.3AI score0.01713EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 8 hours ago2 views

Security Bulletin: IBM WinCollect Agent is vulnerable to using components with known vulnerabilities

Summary Multiple components with known vulnerabilities were addressed in this release of IBM WinCollect Agent Vulnerability Details CVEID:CVE-2026-5545 DESCRIPTION: libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTPS request after a...

9.8CVSS6.4AI score0.01735EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 8 hours ago2 views

Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in DataView

Summary IBM SPSS Modeler is affected by multiple vulnerabilities in DataView. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2019-16869 DESCRIPTION: Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers such as a "Transfer-Encoding :...

9.1CVSS6.9AI score0.18891EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 8 hours ago2 views

Security Bulletin: IBM Engineering Requirements Management DOORS and DOORS Web Access is affected by multiple vulnerabilities

Summary This release addresses multiple security vulnerabilities across various components of IBM Engineering Requirements Management DOORS and DOORS Web Access product. Many vulnerabilities are rated Critical CVSS ≥ 9.0,including Tomcat CLIENTCERT Improper Authentication CVE-2026-29145,...

9.8CVSS7.3AI score0.66537EPSS
Exploits9Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 8 hours ago6 views

Security Bulletin: Multiple Vulnerabilities in IBM Bob

Summary Multiple vulnerabilities were addressed in IBM Bob V 2.0 Vulnerability Details CVEID:CVE-2026-41676 DESCRIPTION: rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it...

9.8CVSS7.8AI score0.00412EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 8 hours ago2 views

Security Bulletin: Multiple Vulnerabilities in IBM Library Support for Spring

Summary Multiple vulnerabilities were addressed in IBM Library Support for Spring 2.7 Vulnerability Details CVEID:CVE-2016-1000027 DESCRIPTION: Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution RCE issue if used for Java deserialization of untrusted data...

9.8CVSS6.7AI score0.32257EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 9 hours ago2 views

Security Bulletin: Eclipse IDE versions 2023-09 (4.29) is vulnerable to external attack

Summary A vulnerability in Eclipse IDE version 2023-09 4.29 was found. The IBM Enterprise Records configuration manager tool was using Eclipse IDE to help present the user interface for customers to configure their software. Vulnerability Details CVEID:CVE-2023-4218 DESCRIPTION: In Eclipse IDE...

5CVSS5.9AI score0.00386EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 11 hours ago3 views

Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in DataView

Summary IBM SPSS Modeler is affected by multiple vulnerabilities in DataView. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-46295 DESCRIPTION: Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when...

9.8CVSS8.1AI score0.03278EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 11 hours ago12 views

Security Bulletin: IBM Quantum Safe Explorer is affected by multiple vulnerabilites

Summary The vulnerabilities were found in dependent open source libraries used within IBM Quantum Safe Explorer code base. These issues have been addressed by updating the versions of affected libraries. Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios is a promise based HTTP client...

7.5CVSS6.3AI score0.00838EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 11 hours ago3 views

Security Bulletin: IBM Quantum Safe Explorer is affected by multiple vulnerabilites

Summary The vulnerabilities were found in dependent open source libraries used within IBM Quantum Safe Explorer code base. These issues have been addressed by updating the versions of affected libraries. Vulnerability Details CVEID:CVE-2026-9595 DESCRIPTION: Impact: When a user-configured proxy o...

7.5CVSS5.7AI score0.00498EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 15 hours ago3 views

Security Bulletin: IBM Quantum Safe Remediator is affected by mutiple vulnerabilities

Summary The vulnerabilities are found in the dependent open source libraries used in IBM Quantum Safe Remediator code base. IBM Quantum Safe Remediator has addressed these vulnerabilities by updating the versions of the affected libraries. Vulnerability Details CVEID:CVE-2026-39824 DESCRIPTION:...

9.3CVSS6.4AI score0.00492EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago9 views

Security Bulletin: Improper Access Control and Exposure of Information Through Directory Listing vulnerabilities affect IBM Cloud Pak System[CVE-2023-38265, CVE-2023-38005]

Summary Improper Access Control and Exposure of Information Through Directory Listing vulnerabilities affect Cloud Pak System respectively. IBM Cloud Pak System could allow an authenticated user to perform unauthorized tasks due to improper access controls , and disclose folder location informati...

5.3CVSS5.9AI score0.00207EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago25 views

Security Bulletin: Multiple vulnerabilities in IBM Tivoli Monitoring affect IBM Cloud Pak System

Summary Multiple vulnerabilities in IBM Tivoli Monitoring affect IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-35154 DESCRIPTION: IBM WebSphere Application Server 8.5 and 9.0 could allow a remote authenticated attacker, who has authorized access to the administrative console, to...

8.8CVSS7.7AI score0.01163EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago4 views

Security Bulletin: Due to the use of Google Go, IBM Cloud Pak Sys is affected by an infinite loop when unmarshaling certain forms of invalid JSON

Summary Vulnerability in Go used by Cloud Pak System CVE-2024-24786. Vulnerability Details CVEID:CVE-2024-24786 DESCRIPTION: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which...

7.5CVSS6.7AI score0.01262EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago11 views

Security Bulletin: Due to IBM Storage Scale, IBM Cloud Pak System is affected by multiple vulnerabilities [CVE-2025-48976, CVE-2025-30204, CVE-2025-1137].

Summary Execute privileged command and denial of service vulnerabilities found in IBM Storage Scale previously known as IBM Spectrum Scale affect IBM Cloud Pak System. These vulnerabilities were addressed in IBM Cloud Pak System v2.3.6.1 and IBM Cloud Pak System v2.3.5.1 Vulnerability Details...

8.8CVSS7.1AI score0.63258EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago6 views

Security Bulletin: Multiple Vulnerabilities in IBM Cloud Pak System[CVE-2020-5256, CVE-2025-2895]

Summary Multiple Vulnerabilities were addressed in IBM Cloud Pak System. IBM Cloud Pak System is affected to Prototype Pollution due to Dojo and HTML Injection in JavaScript. Vulnerability Details CVEID:CVE-2020-5258 DESCRIPTION: In affected versions of dojo NPM package, the deepCopy method is...

9CVSS6.7AI score0.04023EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago16 views

Security Bulletin: Due to the use of IBM Db2, IBM Cloud Pak System is affected by multiple vulnerabilities

Summary Vulnerabilities found in IBM Db2 LUW that affect Foundation and IBM Tivoli Monitoring ITM pattern Types pTypes shipped with IBM Cloud Pak System. Vulnerabilities were addressed in IBM Cloud Pak System. IBM Cloud Pak System v2.3.6.1 has updated Foundation and ITM pTypes to Foundation versi...

7.8CVSS7.4AI score0.01966EPSS
Exploits1Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago5 views

Security Bulletin: Due to use of Golang Go, multiple vulnerabilities affect IBM Cloud Pak System

Summary Due to use of Golang Go multiple vulnerabilities affect IBM Cloud Pak System. IBM Cloud Pak System has addressed these vulnerabilities CVE-2025-47913, CVE-2025-47914, CVE-2025-58181 Vulnerability Details CVEID:CVE-2025-47913 DESCRIPTION: SSH clients receiving SSHAGENTSUCCESS when expectin...

7.5CVSS6.7AI score0.00591EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago3 views

Security Bulletin: Potential denial of service in X.509 name checks in OpenSSL affect Cloud Pak System [CVE-2024-6119]

Summary Potential denial of service in X.509 name checks in OpenSSL affect Cloud Pak System. Vulnerability was addressed by IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: Issue summary: Applications performing certificate name checks e.g., TLS clients checking server...

7.5CVSS6.7AI score0.66594EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago4 views

Security Bulletin: IBM Cloud Pak System is vulnerable to HTML injection[CVE-2023-38007].

Summary IBM Cloud Pak System is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. Vulnerability was addressed in IBM Cloud Pak System. Vulnerability...

5.4CVSS6.2AI score0.00212EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago19 views

Security Bulletin: Due to use of IBM Tivoli Monitoring , IBM Cloud Pak System is affected by multiple vulnerabilities.

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-38473 DESCRIPTION: Encoding problem in modproxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing...

9.8CVSS7AI score0.41611EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago12 views

Security Bulletin: Multiple Vulnerabilities in IBM Cloud Pak System

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak System version 2.3.6.1 and IBM Cloud Pak System version 2.3.5.1. Vulnerability Details CVEID:CVE-2025-0395 DESCRIPTION: When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for...

9.4CVSS7.5AI score0.63258EPSS
Exploits12Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago3 views

Security Bulletin: Multiple Vulnerabilities affect IBM Cloud Pak System

Summary Multiple Vulnerabilities have been addressed in IBM Cloud Pak System v2.3.5.1. Vulnerability Details CVEID:CVE-2026-29063 DESCRIPTION: Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3, 4.3.7, and 5.1.5, Prototype Pollution is possible in immutable v...

9.8CVSS6.2AI score0.01535EPSS
Exploits4Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago24 views

Security Bulletin: Multiple Vulnerabilities in IBM Library Support for Spring

Summary Multiple vulnerabilities were addressed in IBM Library Support for Spring 2.7 Vulnerability Details CVEID:CVE-2025-41249 DESCRIPTION: The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super typ...

8.1CVSS7.4AI score0.54862EPSS
Exploits11Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago3 views

Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in DataView

Summary IBM SPSS Modeler is affected by multiple vulnerabilities in DataView. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2021-33036 DESCRIPTION: In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can...

9.1CVSS6.2AI score0.0326EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago6 views

Security Bulletin: Security vulnerabilities have been identified in WebSphere Application Server and WebSphere Application Server Liberty shipped with IBM Guardium Key Lifecycle Manager (GKLM)

Summary WebSphere Application Server and WebSphere Application Server Liberty is shipped as a component of IBM Guardium Key Lifecycle Manager GKLM. Information about security vulnerabilities affecting WebSphere Application Server and WebSphere Application Server Liberty has been published in a...

5.9AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago3 views

Security Bulletin: Security vulnerability has been found in WebSphere Application Server shipped with IBM Guardium Key Lifecycle Manager (SKLM/GKLM)

Summary WebSphere Application Server is shipped as a component of IBM Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed...

6.5AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago3 views

Security Bulletin: Security vulnerability has been found in WebSphere Application Server shipped with IBM Guardium Key Lifecycle Manager (SKLM/GKLM)

Summary WebSphere Application Server is shipped as a component of IBM Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed...

9.1CVSS5.9AI score0.00221EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago7 views

Security Bulletin: Vulnerability in BIND (CVE-2026-3592, CVE-2026-5946) affects AIX/ VIOS.

Summary CVE-2026-3592: Resolver queries a specially crafted zone containing self-pointed glue records, causing disproportionate resource consumption. CVE-2026-5946: Specially crafted DNS messages using non-IN classes e.g., CHAOS, HESIOD, ANY, NONE trigger assertion failures, terminating the named...

7.5CVSS5.9AI score0.0181EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago5 views

Security Bulletin: Vulnerability in BIND (CVE-2026-1519) affects AIX/ VIOS.

Summary When a BIND 9 resolver performs DNSSEC validation on a maliciously crafted DNS zone, an attacker can trigger excessive NSEC3 iterations during insecure delegation validation. This causes the named process to consume excessive CPU resources, potentially making the resolver unavailable...

7.5CVSS6AI score0.01545EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago4 views

Security Bulletin: Vulnerability in BIND (CVE-2025-13878) affects AIX/ VIOS.

Summary A remote attacker can send or trigger processing of malformed BRID/HHIT DNS resource records, causing the named daemon to terminate unexpectedly. Vulnerability Details CVEID:CVE-2025-13878 DESCRIPTION: Malformed BRID/HHIT records can cause named to terminate unexpectedly. This issue affec...

7.5CVSS6.1AI score0.08219EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago4 views

Security Bulletin: Security vulnerabilities have been found in WebSphere Application Server shipped with IBM Guardium Key Lifecycle Manager (SKLM/GKLM)

Summary WebSphere Application Server is shipped as a component of IBM Guardium Key Lifecycle Manager SKLM/GKLM. Information about security vulnerabilities affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed...

9.3CVSS5.9AI score0.00474EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago3 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by a remote code execution vulnerability (CVE-2026-11536)

Summary IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by a remote code execution vulnerability in the SOAP/JMX connector. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

6.4AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago3 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution vulnerability (CVE-2026-11536)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution vulnerability in the SOAP/JMX connector. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

6.4AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago3 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by a remote code execution vulnerability (CVE-2026-11536)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by a remote code execution vulnerability in the SOAP/JMX connector. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Version...

6.4AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago4 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a server-side request forgery vulnerability (CVE-2026-9006)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a server-side request forgery vulnerability with the Ajax Proxy configured. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Product...

9.1CVSS5.8AI score0.00221EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago4 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by a server-side request forgery vulnerability (CVE-2026-9006)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by a server-side request forgery vulnerability with the Ajax Proxy configured. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products...

9.1CVSS5.8AI score0.00221EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago3 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by a server-side request forgery vulnerability (CVE-2026-9006)

Summary IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by a server-side request forgery vulnerability with the Ajax Proxy configured. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

9.1CVSS5.8AI score0.00221EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago3 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by an authentication bypass vulnerability (CVE-2026-10845)

Summary IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by an authentication bypass vulnerability when a JAX-WS application is deployed. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

7.3CVSS5.8AI score0.00337EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago3 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by an authentication bypass vulnerability (CVE-2026-10845)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by an authentication bypass vulnerability when a JAX-WS application is deployed. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Product...

7.3CVSS5.8AI score0.00337EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago3 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by an authentication bypass vulnerability (CVE-2026-10845)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by an authentication bypass vulnerability when a JAX-WS application is deployed. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected...

7.3CVSS5.8AI score0.00337EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago6 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition, are affected by multiple vulnerabilities (CVE-2026-8646, CVE-2026-9320, CVE-2026-9071)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition, are affected by HTTP request smuggling and a denial of service. This affects IBM WebSphere Application Server Liberty with the servlet-3.0, servlet-3.1,...

9.1CVSS5.8AI score0.00338EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago4 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition, are affected by multiple vulnerabilities (CVE-2026-8646, CVE-2026-9320, CVE-2026-9071)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition, are affected by HTTP request smuggling and a denial of service. This affects IBM WebSphere Application Server Liberty with the servlet-3.0, servlet-3.1,...

9.1CVSS5.8AI score0.00338EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago3 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM Enterprise Application Runtimes, are affected by multiple vulnerabilities (CVE-2026-8646, CVE-2026-9320, CVE-2026-9071)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM Enterprise Application Runtimes, are affected by HTTP request smuggling and a denial of service. This affects IBM WebSphere Application Server Liberty with the servlet-3.0, servlet-3.1,...

9.1CVSS5.8AI score0.00338EPSS
Exploits0Affected Software1
Total number of security vulnerabilities35608