Lucene search
K

35771 matches found

IBM Security Bulletins
IBM Security Bulletins
added 7 hours ago7 views

Security Bulletin: Multiple Vulnerabilities in IBM StreamSets SDK for Python

Summary Multiple vulnerabilities were addressed in IBM StreamSets SDK for Python 7.0.2 Vulnerability Details CVEID:CVE-2026-44431 DESCRIPTION: urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via...

8.9CVSS6.1AI score0.0068EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 7 hours ago5 views

Security Bulletin: Vulnerability in SVGO bundled with IBM Fusion and IBM Fusion HCI, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the SVGO library, which is affected by an XML entity expansion vulnerability. CVE-2026-29074 Vulnerability Details CVEID:CVE-2026-29074 DESCRIPTION: SVGO, short for SVG Optimizer, is a Node.js library and command-lin...

7.5CVSS6AI score0.00612EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 10 hours ago4 views

Security Bulletin: IBM WebSphere Application Server Liberty is affected by a server-side request forgery vulnerability (CVE-2026-11546)

Summary IBM WebSphere Application Server Liberty is affected by a server-side request forgery vulnerability with the adminCenter-1.0 feature enabled. Vulnerability Details CVEID:CVE-2026-11546 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a...

9.8CVSS6.1AI score0.00222EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 10 hours ago4 views

Security Bulletin: IBM WebSphere Application Server Liberty is affected by an authorization bypass vulnerability (CVE-2026-11714)

Summary IBM WebSphere Application Server Liberty is affected by an authorization bypass vulnerability with the apiDiscovery-1.0 feature enabled. Vulnerability Details CVEID:CVE-2026-11714 DESCRIPTION: IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-sid...

9.8CVSS6.1AI score0.00203EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Multiple Vulnerabilities in React Router bundled with IBM Fusion, IBM Fusion HCI and IBM Fusion Data Cataloging

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging include the react-router library, which is affected by multiple vulnerabilities, including cross-site scripting XSS, cross-site request forgery CSRF, and open redirect vulnerabilities. CVE-2026-21884, CVE-2026-22029, CVE-2026-2203...

8.2CVSS6.6AI score0.0077EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Vulnerability in Flask-HTTPAuth bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging include the Flask-HTTPAuth library, which is affected by an improper authentication vulnerability. CVE-2026-34531 Vulnerability Details CVEID:CVE-2026-34531 DESCRIPTION: Flask-HTTPAuth provides Basic, Digest and Token HTTP...

8.2CVSS6.2AI score0.00324EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Vulnerability in serialize-javascript bundled with IBM Fusion, IBM Fusion HCI and IBM Fusion Data Cataloging

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging include the serialize-javascript library, which is affected by a denial of service vulnerability. CVE-2026-34043 Vulnerability Details CVEID:CVE-2026-34043 DESCRIPTION: Serialize JavaScript to a superset of JSON that includes...

7.5CVSS6AI score0.00472EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Vulnerability in fast-uri bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging include the fast-uri library, which is affected by a path traversal vulnerability. CVE-2026-6321 Vulnerability Details CVEID:CVE-2026-6321 DESCRIPTION: fast-uri decoded percent-encoded path separators and dot segments before...

7.5CVSS7AI score0.00521EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Vulnerability in lxml bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging include the lxml library, which is affected by an XML External Entity XXE vulnerability. CVE-2026-41066 Vulnerability Details CVEID:CVE-2026-41066 DESCRIPTION: lxml is a library for processing XML and HTML in the Python language...

7.5CVSS6.1AI score0.00324EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Vulnerability in path-to-regexp bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging include the path-to-regexp library, which is affected by a regular expression denial of service ReDoS vulnerability. CVE-2026-4867 Vulnerability Details CVEID:CVE-2026-4867 DESCRIPTION: Impact: A bad regular expression is generate...

7.5CVSS6.2AI score0.00496EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Vulnerability in socket.io-parser bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging include the socket.io-parser component, which is affected by a denial of service vulnerability. CVE-2026-33151 Vulnerability Details CVEID:CVE-2026-33151 DESCRIPTION: Socket.IO is an open source, real-time, bidirectional,...

8.7CVSS6.9AI score0.00514EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Vulnerability in pydicom bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Data Cataloging include the pydicom library, which is affected by a path traversal vulnerability. CVE-2026-32711 Vulnerability Details CVEID:CVE-2026-32711 DESCRIPTION: pydicom is a pure Python package for working with DICOM files. Versions...

7.8CVSS6.1AI score0.00279EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: Due to use of NodeJS, IBM Cloud Pak System is affected by multiple vulnerabilities

Summary Due to use of NodeJS libraries, IBM Cloud Pak System Software is affected by multiple vulnerabilities. These have been addressed in IBM Cloud Pak System Software version 2.3.5.1. Vulnerability Details CVEID:CVE-2026-22036 DESCRIPTION: Undici is an HTTP/1.1 client for Node.js. Prior to...

9.8CVSS6.8AI score0.0115EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday5 views

Security Bulletin: IBM Security QRadar Log Management AQL Plugin is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. IBM Security QRadar Log Management AQL Plugin has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2026-34077 DESCRIPTION: React...

8.8CVSS6.9AI score0.00416EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday4 views

Security Bulletin: Vulnerability in Pallets Click bundled with IBM Fusion and IBM Fusion HCI

Summary IBM Fusion and IBM Fusion HCI include the click library, which is affected by a command injection vulnerability. CVE-2026-7246 Vulnerability Details CVEID:CVE-2026-7246 DESCRIPTION: Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit...

7.2CVSS6.2AI score0.0081EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday5 views

Security Bulletin: Vulnerability in bytes bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the bytes library, which is affected by an integer overflow vulnerability. CVE-2026-25541 Vulnerability Details CVEID:CVE-2026-25541 DESCRIPTION: Bytes is a utility library for working with bytes. From version 1.2.1 ...

7.5CVSS6AI score0.00559EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday4 views

Security Bulletin: Vulnerability in undici bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage

Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the undici library, which is affected by a denial of service vulnerability. CVE-2026-22036 Vulnerability Details CVEID:CVE-2026-22036 DESCRIPTION: Undici is an HTTP/1.1 client for Node.js. Prior to 7.18.0 and 6.23.0,...

7.5CVSS6.7AI score0.00433EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday6 views

Security Bulletin: Vulnerability in follow-redirects bundled with IBM Fusion and IBM Fusion HCI

Summary IBM Fusion and IBM Fusion HCI include the follow-redirects library, which is affected by an information exposure vulnerability. CVE-2026-40895 Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects is an open source, drop-in replacement for Node's http and https modules...

7.5CVSS7AI score0.00486EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM DataStage Flow Designer application is affected by an information disclosure vulnerability (CVE-2026-9836)

Summary An information disclosure vulnerability was addressed in IBM DataStage Flow Designer . Vulnerability Details CVEID:CVE-2026-9836 DESCRIPTION: IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability. CWE:CWE-200: Exposure of...

7.5CVSS6.1AI score0.00241EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday5 views

Security Bulletin: Multiple vulnerabilities that affects IBM Db2 Genius Hub

Summary The following dependency packages are being used by IBM Db2 Genius Hub - urllib3, tornado, tensorflow, requests, pythondotenv, pytest, Pygments, idna, flask, certifi, react-router, brace-expansion, golang.org/x/sys, golang.org/x/net, golang.org/x/crypto, axios, RedisBloom, redis,...

9.8CVSS6.8AI score0.2241EPSS
Exploits6Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM OpenPages is affected by multiple security vulnerabilities of DB2 Database Server (May 2026)

Summary IBM® Db2® Database Server is shipped as a supporting program of IBM OpenPages. Information about security vulnerabilities affecting IBM Db2 Database Server has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the...

6AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities

Summary IBM Guardium Data Security Center has addressed these vulnerabilities with an update. Vulnerability Details CVEID:CVE-2026-41683 DESCRIPTION: i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. Prior to version 3.9.3,...

8.9CVSS7AI score0.00804EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM WebSphere Application Server Liberty shipped with IBM OpenPages is affected by multiple vulnerabilities

Summary IBM WebSphere Application Server Liberty is shipped as a supporting program of IBM OpenPages affected by identity spoofing CVE-2026-3621, CVE-2025-14917 and CVE-2026-1561 . Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

9.8CVSS7AI score0.00355EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday2 views

Security Bulletin: IBM Operations Analytics - Log Analysis is affected by a TOCTOU weakness allowing active sessions to persist beyond a password change

Summary IBM Operations Analytics - Log Analysis contains a Time-Of-Check to Time-Of-Use TOCTOU weakness in its built-in user password management feature. The built-in authentication module of IBM Operations Analytics - Log Analysis is used by IBM Operations Analytics - Log Analysis as part of the...

6.1AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday10 views

Security Bulletin: Vulnerabilities have been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2026-10845, CVE-2026-8646, CVE-2026-9320, CVE-2026-9071 and CVE-2026-9006)

Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about multiple vulnerabilities affecting WebSphere Application Server have been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in...

9.1CVSS5.5AI score0.00338EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday7 views

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to org.eclipse.core.runtime

Summary IBM webMethods BPM uses org.eclipse.core.runtime which contains the Eclipse Workbench API classes used to create and manage workbench windows, views, editors, and perspectives. Vulnerability Details CVEID:CVE-2023-4218 DESCRIPTION: In Eclipse IDE versions 2023-09 4.29 some files with xml...

5CVSS6.1AI score0.00386EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: Multiple log4j related security vulnerabilities in IBM Guardium Key Lifecycle Manager

Summary Multiple security vulnerabilities related to log4j have been addressed in IBM Guardium Key Lifecycle Manager Vulnerability Details CVEID:CVE-2026-34477 DESCRIPTION: The fix for CVE-2025-68161 https://logging.apache.org/security.htmlCVE-2025-68161 was incomplete: it addressed hostname...

7.5CVSS6.1AI score0.0086EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in JavaScript

Summary There are multiple vulnerabilities in JavaScript used by IBM Transformation Advisor. Vulnerability Details CVEID:CVE-2026-12143 DESCRIPTION: form-data is a library for creating readable multipart/form-data streams. In versions through 4.0.5, the field argument to FormDataappend and the...

8.7CVSS6.2AI score0.00409EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: IBM Application Modernization Accelerator is affected by multiple vulnerabilities found in JavaScript

Summary There are multiple vulnerabilities in JavaScript used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2026-12143 DESCRIPTION: form-data is a library for creating readable multipart/form-data streams. In versions through 4.0.5, the field argument to...

8.7CVSS6.2AI score0.00409EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday3 views

Security Bulletin: Security vulnerabilities have been detected in IBM Security Verify Governance Identity Manager Adapters

Summary IBM Security Verify Governance Identity Manager Adapters use jackson-databind-2.15.2.jar, jackson-databind-2.18.6.jar and jackson-databind-2.21.1.jar, which is affected by multiple security vulnerabilities Vulnerability Details CVEID:CVE-2026-54512 DESCRIPTION: jackson-databind contains t...

8.1CVSS6.1AI score0.00695EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added yesterday5 views

Security Bulletin: Security vulnerabilities have been detected in IBM Security Verify Governance Identity Manager Adapters

Summary IBM Security Verify Governance Identity Manager Adapters use jackson-databind-2.15.2.jar, jackson-databind-2.18.6.jar and jackson-databind-2.21.1.jar, which is affected by multiple security vulnerabilities Vulnerability Details CVEID:CVE-2026-54512 DESCRIPTION: jackson-databind contains t...

8.1CVSS6.1AI score0.00695EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago5 views

Security Bulletin: Multiple vulnerabbilities exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager.

Summary IBM Tivoli Network Configuration Manager is affected by multiple security vulnerabilities in IBM SDK, Java Technology Edition. This bulletin addresses the IBM SDK, Java Technology Edition Quarterly Critical Patch Update CPU for April 2026, which includes Oracle's April 2026 Critical Patch...

7.5CVSS6.5AI score0.00702EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 3 days ago13 views

Security Bulletin: IBM Storage Scale System: Vulnerability in Linux kernel crypto subsystem could allow local privilege escalation (CVE-2026-31431)

Summary IBM Storage Scale Systems is affected by a security vulnerability identified in the Linux kernel's cryptographic interface CVE-2026-31431 that could allow a local user with low privileges to escalate to root privileges. The vulnerability has a CVSS score of 7.8 High and requires local...

7.8CVSS6.6AI score0.96267EPSS
Exploits230Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago3 views

Security Bulletin: IBM® Db2® is vulnerable to a denial of service when running non fenced federated queries (CVE-2026-10695)

Summary IBM® Db2® is vulnerable to a denial of service when running non fenced federated queries. Vulnerability Details CVEID:CVE-2026-10695 DESCRIPTION: IBM Db2 federated server is vulnerable to a denial of service when running non fenced federated queries. CWE:CWE-400: Uncontrolled Resource...

6.1AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago5 views

Security Bulletin: IBM® Db2® is affected by a vulnerability in log4j-core (CVE-2026-34479)

Summary IBM® Db2® is affected by a vulnerability in log4j-core. Vulnerability Details CVEID:CVE-2026-34479 DESCRIPTION: The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parser...

7.5CVSS6.1AI score0.00535EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago4 views

Security Bulletin: IBM® Db2® is affected by a vulnerability in netty-codec-http-4.1.130.Final.jar (CVE-2026-41417)

Summary IBM® Db2® is affected by a vulnerability in netty-codec-http-4.1.130.Final.jar Vulnerability Details CVEID:CVE-2026-41417 DESCRIPTION: Netty allows request-line validation to be bypassed when a DefaultHttpRequest or DefaultFullHttpRequest is created first and its URI is later changed via...

5.3CVSS6.1AI score0.00307EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago3 views

Security Bulletin: IBM® Db2® is vulnerable to buffer overflow in setgid helper db2flacc (CVE-2026-10535)

Summary IBM® Db2® is vulnerable to uffer overflow in setgid helper db2flacc. Vulnerability Details CVEID:CVE-2026-10535 DESCRIPTION: IBM Db2 is vulnerable to buffer overflow in setgid helper db2flacc. CWE:CWE-121: Stack-based Buffer Overflow CVSS Source: IBM CVSS Base score: 8.4 CVSS...

6.2AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago5 views

Security Bulletin: Multiple vulnerabilities in IBM Semeru affects IBM® Db2® (April 2026 CPU)

Summary There are vulnerabilities in IBM Runtime Environment Java™ Version 8.0.8.60 and earlier, and IBM Semeru Version 21.0.10.0 and earlier used by IBM® Db2®. These issues were disclosed as part of the IBM Java SDK updates in April 2026 Vulnerability Details CVEID:CVE-2026-22021 DESCRIPTION:...

5.3CVSS6.1AI score0.00305EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago5 views

Security Bulletin: IBM® Data Server driver for JDBC and SQLJ is vulnerable to remote code execution when jdbc url is under user control (CVE-2026-9762)

Summary IBM® Db2® is vulnerable to remote code execution when jdbc url is under user control. Vulnerability Details CVEID:CVE-2026-9762 DESCRIPTION: IBM Data Server Driver for JDBC and SQLJ is vulnerable to remote code execution when jdbc url is under user control. CWE:CWE-94: Improper Control of...

6.5AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago3 views

Security Bulletin: IBM® Db2® is vulnerable to a trap when compiling specially crafted statements containing subqueries could lead to a denial of service (CVE-2026-7771)

Summary IBM® Db2® is vulnerable to a trap when compiling specially crafted statements containing subqueries could lead to a denial of service. Vulnerability Details CVEID:CVE-2026-7771 DESCRIPTION: DB2 for Linux is vulnerable to a trap when compiling a specially crafted statements containing...

6.1AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago3 views

Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM Buinsess Automation Workflow (CVE-2026-8408)

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about security vulnerabilities affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability Details Refer to the security bulletins...

6AI score
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago3 views

Security Bulletin: Vulnerability in IBM Data Product Hub

Summary A vulnerability was addressed in IBM Data Product Hub version 5.4.0 Patch 2 Vulnerability Details CVEID:CVE-2026-9358 DESCRIPTION: A vulnerability was determined in postcss-selector-parser up to 6.1.2/7.1.2. Affected is the function toString of the file src/selectors/container.js of the...

5.3CVSS5.8AI score0.00325EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago10 views

Security Bulletin: Security vulnerability in IBM Storage Protect Client leads to unauthorized access to IBM Storage Protect Snapshot for Windows Standalone Configuration

Summary Security vulnerability in IBM Storage Protect Client leads to unauthorized access to IBM Storage Protect Snapshot for Windows Standalone Configuration. CVE-2026-12628 Vulnerability Details CVEID:CVE-2026-12628 DESCRIPTION: IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage...

9.1CVSS6AI score0.00357EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago7 views

Security Bulletin: Vulnerability in IBM Operator for PostgreSQL

Summary A vulnerability was addressed in IBM Operator for PostgreSQL version v28.4.0. Vulnerability Details CVEID:CVE-2026-25680 DESCRIPTION: Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CWE:CWE-400: Uncontrolled Resource Consumption CVSS Source:...

6.5CVSS6.2AI score0.00248EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago8 views

Security Bulletin: IBM Storage Protect Client is vulnerable to Heap-Based Buffer Overflow (CVE-2026-13473)

Summary IBM Storage Protect Client is vulnerable to Heap-Based Buffer Overflow due to unchecked string copy operations in IBM Storage Protect Snapshot for Windows Standalone Configuration. Vulnerability Details CVEID:CVE-2026-13473 DESCRIPTION: IBM Storage Protect is vulnerable to a heap-based...

6.5AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago3 views

Security Bulletin: IBM Application Modernization Accelerator is affected by multiple vulnerabilities found in Java, JavaScript and IBM WebSphere Application Server Liberty

Summary There are multiple vulnerabilities in Java, JavaScript and IBM WebSphere Application Server Liberty used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2026-41907 DESCRIPTION: uuid is for the creation of RFC9562 formerly RFC4122 UUIDs. Prior to 14.0.0, v3, v...

9.3CVSS6.2AI score0.00702EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago3 views

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Java, JavaScript and IBM WebSphere Application Server Liberty

Summary There are multiple vulnerabilities in Java, JavaScript and IBM WebSphere Application Server Liberty used by IBM Transformation Advisor. Vulnerability Details CVEID:CVE-2026-40181 DESCRIPTION: React Router is a router for React. In versions 7.0.0 through 7.14.0 and 6.7.0 through 6.30.3,...

9.3CVSS6.2AI score0.00745EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago5 views

Security Bulletin: Multiple vulnerabilities in IBM Tivoli Network Manager IP Edition

Summary Multiple vulnerabilities were addressed in IBM Tivoli Network Manager IP Edition 4.2.0.24 IF2 Vulnerability Details CVEID:CVE-2026-8368 DESCRIPTION: LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response...

9.8CVSS6.6AI score0.00695EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago3 views

Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in DataView

Summary IBM SPSS Modeler is affected by multiple vulnerabilities in DataView. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA...

9.9CVSS7.5AI score0.27095EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago3 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by multiple vulnerabilities due to pyOpenSSL

Summary pyOpenSSL is used by IBM Cloud Pak for Data System 1.0 as a Python wrapper around the OpenSSL library for TLS/SSL functionality. Multiple vulnerabilities affect pyOpenSSL. CVE-2026-27448 involves improper handling of unhandled exceptions in the settlsextservernamecallback callback, which...

9.8CVSS6.2AI score0.00704EPSS
Exploits0Affected Software1
Total number of security vulnerabilities35771