Lucene search
K

35702 matches found

IBM Security Bulletins
IBM Security Bulletins
added 1 hour ago3 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2026-8633, CVE-2026-8620)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...

9.8CVSS6.5AI score0.00847EPSS
Exploits0Affected Software11
IBM Security Bulletins
IBM Security Bulletins
added 4 hours ago2 views

Security Bulletin: Multiple vulnerabilities in IBM Aspera Enterprise Webapps

Summary Multiple vulnerabilities were addressed in IBM Aspera Enterprise Webapps version 1.0.4 Vulnerability Details CVEID:CVE-2026-8723 DESCRIPTION: Summary qs.stringify throws TypeError when called with arrayFormat: 'comma' and encodeValuesOnly: true on an array containing null or undefined. Th...

7.6CVSS7.5AI score0.0041EPSS
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 4 hours ago2 views

Security Bulletin: Due to use of IBM Storage Protect, IBM Cloud Pak System is affected by vulnerability [CVE-2026-13463]

Summary Vulnerabilities was addressed in IBM Cloud Pak System version 2.3.5.1. Vulnerability Details CVEID:CVE-2026-13463 DESCRIPTION: IBM Storage Protect could allow a local attacker to obtain sensitive information due to the insertion of credentials into log files. CWE:CWE-798: Use of Hard-code...

5.9AI score
Exploits0Affected Software4
IBM Security Bulletins
IBM Security Bulletins
added 4 hours ago2 views

Security Bulletin: Due to use of Golang Go, multiple vulnerabilities affect IBM Cloud Pak System

Summary Due to use of Golang Go multiple vulnerabilities affect IBM Cloud Pak System. IBM Cloud Pak System has addressed these vulnerabilities. Vulnerability Details CVEID:CVE-2026-39827 DESCRIPTION: An authenticated SSH client that repeatedly opened channels which were rejected by the server...

9.1CVSS6.7AI score0.00513EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Security vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access

Summary Security vulnerabilities have been addressed in IBM Verify Identity Access and IBM Security Verify Access Vulnerability Details CVEID:CVE-2025-14923 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide...

9.8CVSS7.4AI score0.00252EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Nomad vulnerable to cross-namespace host volume claim deletion

Summary HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature that may allow an operator holding the host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace...

4.2CVSS5.9AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Nomad vulnerable to sandbox escape in Docker task driver

Summary HashiCorp Nomad and Nomad Enterprise are vulnerable to a sandbox escape in the Docker task driver that may allow a job submitter to bind-mount a host path into a container even when volume bind mounts are disabled, potentially leading to reading and writing files on the host. This...

8.7CVSS5.9AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Consul-template is vulnerable to path redirection in writeToFile through symlink attack

Summary The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability CVE-2026-14361 is fixed in...

4.7CVSS5.8AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty (bundled with IBM Enterprise Application Runtimes) are affected by multiple vulnerabilities (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM Enterprise Application Runtimes, are affected by uncontrolled resource consumption and denial of service. Vulnerability Details Refer to the security bulletins listed in the...

7.5CVSS5.9AI score0.0046EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition, are affected by multiple vulnerabilities (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM WebSphere Hybrid Edition, are affected by uncontrolled resource consumption and denial of service. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

7.5CVSS5.9AI score0.0046EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM Cloud Pak for Applications, are affected by multiple vulnerabilities (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM Cloud Pak for Applications, are affected by uncontrolled resource consumption and denial of service. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

7.5CVSS5.9AI score0.0046EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM Tivoli Monitoring's zlib library is affected by a security vulnerability.

Summary A vulnerable version of zlib library which is included as part of IBM Tivoli Monitoring ITM have been remediated. Vulnerability Details CVEID:CVE-2026-4176 DESCRIPTION: Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerabl...

9.8CVSS7.2AI score0.00676EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Nomad Docker driver Linux host namespace bypass

Summary HashiCorp Nomad and Nomad Enterprise did not enforce the allowprivileged restriction for the Docker task driver's host namespace mode options. This may allow an authenticated job submitter to run a container in a host namespace and access information belonging to the host or to other...

7.7CVSS5.9AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Denial of service via crafted push/pull gossip message in memberlist

Summary HashiCorp memberlist before version 0.6.0 is vulnerable to a denial-of-service issue in its push/pull state handling that may allow an attacker with network access to the gossip port to exhaust memory on a receiving node and cause the process to terminate. This vulnerability CVE-2026-1436...

4.9CVSS5.9AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM Enterprise Build of Quarkus is affected by multiple vulnerabilities

Summary IBM Enterprise Build of Quarkus is affected by vulnerabilities in Jackson Data Binding, Micrometer, Keycloak Policy Enforcer, Apache CXF Vulnerability Details CVEID:CVE-2026-40983 DESCRIPTION: In Micrometer, it is possible for a user to provide specially crafted gRPC requests that may cau...

8.1CVSS5.9AI score0.00677EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday26 views

Security Bulletin: Multiple Vulnerabilities identified in IBM Cloud Pak System

Summary Vulnerabilities identified in Cloud Pak System. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-38716 DESCRIPTION: IBM Cloud Pak System 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0 could disclose sensitive information about the...

7.5CVSS6.2AI score0.00478EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM i is Affected by Multiple Vulnerabilities in IBM Java SDK and IBM Java Runtime [CVE-2026-22016, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-34268, CVE-2026-22007]

Summary IBM SDK Java Technology Edition and IBM Runtime Environment Java used by IBM i to support the building and running of Java applications are vulnerable to partial denial-of-service DoS CVE-2026-22021, CVE-2026-22018 and unauthorized access to data CVE-2026-22016, CVE-2026-22013,...

7.5CVSS6.4AI score0.00702EPSS
Exploits0Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by HTTP request smuggling

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by HTTP request smuggling CVE-2026-11541 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions...

9.8CVSS5.9AI score0.00418EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by multiple vulnerabilities

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by multiple vulnerabilities CVE-2026-11712, CVE-2026-11595, CVE-2026-11708 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

9.3CVSS5.9AI score0.00474EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by multiple vulnerabilities

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by multiple vulnerabilities CVE-2026-50645, CVE-2026-9322, CVE-2026-9171 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Version...

7.5CVSS5.9AI score0.0046EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by multiple vulnerabilities

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by multiple vulnerabilities CVE-2026-8646, CVE-2026-9320, CVE-2026-9071 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

9.1CVSS5.9AI score0.00338EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by multiple cross-site scripting vulnerabilities

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by multiple cross-site scripting vulnerabilities CVE-2026-11594, CVE-2026-11707, CVE-2026-11383 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affect...

8.5CVSS5.8AI score0.00337EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is affected by a remote code execution vulnerability

Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is affected by a remote code execution vulnerability CVE-2026-11536 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected...

6.6AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday5 views

Security Bulletin: IBM Operational Decision Manager for June 2026 - Multiple CVEs addressed

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Operational Decision Manager Vulnerability Details CVEID:CVE-2026-9828 DESCRIPTION: Deserialization of untrusted data vulnerability in QOS.CH Sarl logback...

9.8CVSS6.6AI score0.00686EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday4 views

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server which is affected by multiple vulnerabilities

Summary The security issue described in CVE-2026-11712, CVE-2026-11595 and CVE-2026-11708 has been identified in WebSphere Application Server included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refer to the security bulletins listed in t...

9.3CVSS5.9AI score0.00474EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday4 views

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server and WebSphere Application Server Liberty which are affected by multiple vulnerabilities

Summary The security issue described in CVE-2026-50645, CVE-2026-9322 and CVE-2026-9171 has been identified in WebSphere Application Server and WebSphere Application Server Liberty included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refe...

7.5CVSS5.9AI score0.0046EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday7 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by a Denial of Service vulnerability due to pyasn1

Summary pyasn1 is used by IBM Cloud Pak for Data System 1.0 as a generic ASN.1 encoding and decoding library for Python applications. CVE-2026-30922 affects pyasn1's ASN.1 decoder, where processing of crafted payloads containing deeply nested SEQUENCE or SET tags with indefinite length markers...

7.5CVSS6.8AI score0.0058EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday8 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by a Regular Expression Denial of Service vulnerability due to idna

Summary idna is used by IBM Cloud Pak for Data System 1.0 as a Python library for Internationalized Domain Names in Applications IDNA encoding and decoding. CVE-2026-45409 affects idna's encode function, where processing of arbitrarily large domain name inputs exploits the validcontexto function...

6.9CVSS6.3AI score0.00408EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday5 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses multiple packages which are vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite - Monitor Component uses next-15.5.14.tgz, tomcat-embed-core-10.1.54.jar, systeminformation-5.31.4.tgz, jackson-core-2.19.2.jar, jackson-core-2.19.4.jar, jackson-core-2.20.0.jar, jackson-core-2.21.0.jar which are vulnerable to CVE-2026-44572, CVE-2026-44573,...

8.6CVSS6.7AI score0.38696EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses multiple dependencies which are vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty which could provide weaker than expected security, is affected by a privilege escalation vulnerability and server-side request forgery, requests-2.32.4-py3-none-any.whl which are vulnerable to...

9.8CVSS6.5AI score0.00498EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by multiple vulnerabilities due to cryptography

Summary cryptography is used by IBM Cloud Pak for Data System 1.0 as a Python package providing cryptographic primitives and recipes for secure communications. Multiple vulnerabilities affect the cryptography package. CVE-2024-12797 involves missing error reporting in RFC7250 Raw Public Key RPK...

8.2CVSS6.8AI score0.02357EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by a command injection vulnerability due to Click

Summary Click is used by IBM Cloud Pak for Data System 1.0 as a command-line interface creation library for Python applications. CVE-2026-7246 affects Click's click.edit function, which fails to properly neutralize special elements in input, allowing attackers to inject and execute arbitrary...

7.2CVSS6.2AI score0.0081EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by a sensitive information caching vulnerability due to Flask

Summary Flask is used by IBM Cloud Pak for Data System 1.0 as a WSGI web application framework. CVE-2026-27205 affects Flask's session handling, where certain forms of session object access such as the Python in operator fail to set the Vary: Cookie header, resulting in session-specific responses...

4.3CVSS5.9AI score0.00374EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by improper handling of Windows device names due to Werkzeug

Summary Werkzeug is used by IBM Cloud Pak for Data System 1.0 as a WSGI web application library. CVE-2026-27199 affects Werkzeug's safejoin function, which fails to properly filter Windows device names when preceded by other path segments in multi-segment paths. This allows the sendfromdirectory...

6.3CVSS5.9AI score0.00556EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by an XML external entity (XXE) vulnerability due to lxml

Summary lxml is used by IBM Cloud Pak for Data System 1.0 as a library for processing XML and HTML in Python applications. CVE-2026-41066 affects lxml's default parser configuration, where untrusted XML input can exploit external entity references to read local files from the system. This XML...

7.5CVSS6AI score0.00324EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday4 views

Security Bulletin: IBM Financial Transaction Manager v4 is impacted by multiple vulnerabilities in WebSphere Application Server Liberty

Summary IBM Financial Transaction Manager for RedHat OpenShift has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2026-10852 DESCRIPTION: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere...

9.8CVSS7.8AI score0.005EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday4 views

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate with watsonx Assistant Cartridge version 5.4.0 Vulnerability Details CVEID:CVE-2026-33891 DESCRIPTION: Forge also called node-forge is a native implementation of Transport Layer Security in JavaScript. Prior to version...

9.1CVSS7.3AI score0.00596EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday8 views

Security Bulletin: Denial of Service Vulnerability in jackson-core affect IBM Cloud Pak System[WS-2022-0468]

Summary Denial of Service Vulnerability in jackson-core was addressed in IBM Cloud Pak System version 2.3.6.0 and IBM Cloud Pak System version 2.3.5.1 BYOH on power. Vulnerability Details ID:WS-2022-0468 DESCRIPTION: The jackson-core package is vulnerable to a Denial of Service DoS attack. The...

6AI score
Exploits0Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images

Summary Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images Vulnerability Details CVEID:CVE-2026-34182 DESCRIPTION: Issue Summary: Cryptographic Message Services CMS processing fails to perform sufficient input validation on the cipher and tag length fiel...

9.1CVSS8AI score0.00513EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday7 views

Security Bulletin: Vulnerability in Semeru Runtime affecting Rational Business Developer

Summary There are vulnerabilities in Semeru Runtime used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. Vulnerability Details CVEID:CVE-2026-34282 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network...

7.5CVSS6.5AI score0.00635EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago3 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by multiple vulnerabilities (CVE-2026-11712, CVE-2026-11595, CVE-2026-11708)

Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is affected by cross-sight scripting and path traversal vulnerabilities. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

9.3CVSS5.9AI score0.00474EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago5 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by multiple vulnerabilities (CVE-2026-11712, CVE-2026-11595, CVE-2026-11708)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by cross-sight scripting and path traversal vulnerabilities. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

9.3CVSS5.9AI score0.00474EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago3 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by multiple vulnerabilities (CVE-2026-11712, CVE-2026-11595, CVE-2026-11708)

Summary IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by cross-sight scripting and path traversal vulnerabilities. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Version...

9.3CVSS5.9AI score0.00474EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago5 views

Security Bulletin: IBM WebSphere Application Server Liberty is affected by a denial of service vulnerability due to Eclipse Parsson (CVE-2026-9563)

Summary IBM WebSphere Application Server Liberty is affected by a denial of service with the jsonp-2.1 feature enabled. Vulnerability Details CVEID:CVE-2026-9563 DESCRIPTION: In Eclipse Parsson published Maven Central artifacts before version 1.1.8, the JSON parser did not enforce a default maxim...

7.5CVSS5.9AI score0.00366EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago4 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by an authorization bypass vulnerability (CVE-2026-11714)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by an authorization bypass vulnerability with the apiDiscovery-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

9.8CVSS5.9AI score0.00203EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago4 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty (bundled with IBM Enterprise Application Runtimes) are affected by multiple vulnerabilities (CVE-2026-50645, CVE-2026-9322, CVE-2026-9171)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled with IBM Enterprise Application Runtimes, are affected by uncontrolled resource consumption and denial of service. Vulnerability Details Refer to the security bulletins listed in the...

7.5CVSS5.9AI score0.0046EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago4 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by an authorization bypass vulnerability (CVE-2026-11714)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Enterprise Application Runtimes, is affected by an authorization bypass vulnerability with the apiDiscovery-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes sectio...

9.8CVSS5.9AI score0.00203EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago4 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by an authorization bypass vulnerability (CVE-2026-11714)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by an authorization bypass vulnerability with the apiDiscovery-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

9.8CVSS5.9AI score0.00203EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago4 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a server-side request forgery vulnerability (CVE-2026-11546)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes sectio...

9.8CVSS5.9AI score0.00222EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2 days ago5 views

Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a server-side request forgery vulnerability (CVE-2026-11546)

Summary IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

9.8CVSS5.9AI score0.00222EPSS
Exploits0Affected Software1
Total number of security vulnerabilities35702