Ibm
117 CVEsCVE IDSeverityProduct / summaryPublished
CVE-2026-10109
CRITICAL 9.8
Db2 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution due to imprope…
2026-06-30
CVE-2026-10129
HIGH 8.5
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery (SSRF) protection bypass vulnerabi…
2026-06-30
CVE-2026-10134
CRITICAL 10
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.9.3 allows an attacker to read every secret available to the Langflow process…
2026-06-30
CVE-2026-10140
CRITICAL 9.6
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains improper shared-state handling that allows reuse of …
2026-06-30
CVE-2026-10546
HIGH 7.1
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side Request Forgery (SSRF) vulnerability in the URL co…
2026-06-30
CVE-2026-10560
HIGH 8.2
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.9.6 contains a missing authentication vulnerability in /api/v1/build_public_t…
2026-06-30
CVE-2026-10564
HIGH 8.2
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.9.6 contains a Server-Side Request Forgery (SSRF). The legacy RSSReaderCompon…
2026-06-30
CVE-2026-11541
HIGH 7.4
Websphere Application Server — IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through …
2026-06-30
CVE-2026-11546
HIGH 7.1
Websphere Application Server Liberty — IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forg…
2026-06-30
CVE-2026-11594
HIGH 8.5
Websphere Application Server — IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the admin…
2026-06-30
CVE-2026-11595
MEDIUM 4.3
Websphere Application Server — IBM WebSphere Application Server 9.0, and 8.5 could allow a remote attacker to obtain sensitive information fr…
2026-06-30
CVE-2026-11708
CRITICAL 9.3
Websphere Application Server — IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the admin…
2026-06-30
CVE-2026-11712
CRITICAL 9.3
Websphere Application Server — IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the admin…
2026-06-30
CVE-2026-11714
HIGH 8.5
Websphere Application Server Liberty — IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.7 is affected by a server-side request forg…
2026-06-30
CVE-2026-11806
HIGH 7.2
Websphere Application Server Liberty — IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 is affected by an arbitrary file read vul…
2026-06-30
CVE-2026-11906
MEDIUM 6.5
Db2 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Ser…
2026-06-30
CVE-2026-12084
MEDIUM 5.4
Ucd Ibm Devops Deploy — IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 uses Cross-Origin Resource Sharing (C…
2026-06-30
CVE-2026-12085
MEDIUM 6.5
Ucd Ibm Urbancode Deploy — IBM UCD - IBM UrbanCode Deploy 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy 8.0 through 8.0.1.13, 8.1 …
2026-06-30
CVE-2026-12086
MEDIUM 6.2
Ucd Ibm Urbancode Deploy — IBM UCD - IBM UrbanCode Deploy 7.2 through 7.2.3.23, and 7.3 through 7.3.2.18 and IBM UCD - IBM DevOps Deploy …
2026-06-30
CVE-2026-13449
HIGH 7.6
Business Automation Manager Open Editions — IBM Business Automation Manager Open Editions 9.0.0 through 9.4.2 is vulnerable to an XML external entity inje…
2026-06-30
CVE-2026-13759
HIGH 7.5
Websphere Extreme Scale — IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 ships three ObjectInputStream subclasses (WsObjectInputStr…
2026-06-30
CVE-2026-13772
HIGH 7.5
Websphere Extreme Scale — IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 's Object Query Language engine resolves attacker-supplied…
2026-06-30
CVE-2026-13773
MEDIUM 6
Websphere Extreme Scale — IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 Approximately 50 generated CORBA stub classes in WebSphere…
2026-06-30
CVE-2026-3602
MEDIUM 4.7
App Connect Enterprise — IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus …
2026-06-30
CVE-2026-7663
CRITICAL 9.1
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.9.6 could allow unauthenticated attackers to access protected MCP project res…
2026-06-30
CVE-2026-7803
CRITICAL 9.8
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.10.0 could allow arbitrary code execution due to improper validation of flow …
2026-06-30
CVE-2026-7871
CRITICAL 9.8
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.10.0 allows users with Redis access to execute arbitrary code with full appli…
2026-06-30
CVE-2026-7873
CRITICAL 9.9
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated attackers to execute arbitrary OS commands and read…
2026-06-30
CVE-2026-7874
CRITICAL 9.1
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow disclosure of all stored credentials due to the use…
2026-06-30
CVE-2026-9002
MEDIUM 6.5
Websphere Extreme Scale — IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 could allow an adjacent attacker to cause a denial of serv…
2026-06-30
CVE-2026-9836
LOW 3.5
Infosphere Information Server — IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerabi…
2026-06-30
CVE-2025-12530
MEDIUM 5.9
Watsonx.Data Intelligence — IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 through patch-1 transmits data in clear text that cou…
2026-06-30
CVE-2025-36319
MEDIUM 4.3
Watsonx.Data Intelligence — IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to cause a temporar…
2026-06-30
CVE-2025-36320
MEDIUM 6.4
Watsonx.Data Intelligence — IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to stored cross-site scripting. This vu…
2026-06-30
CVE-2025-36321
MEDIUM 5.7
Watsonx.Data Intelligence — IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to HTML injection. A remote attacker co…
2026-06-30
CVE-2025-36323
MEDIUM 5.4
Watsonx.Data Intelligence — IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to cross-site scripting. This vulnerabi…
2026-06-30
CVE-2025-36324
MEDIUM 4.3
Watsonx.Data Intelligence — IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 s vulnerable to server-side request forgery (SSRF). T…
2026-06-30
CVE-2025-36327
MEDIUM 6.5
Watsonx.Data Intelligence — IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to bypass security …
2026-06-30
CVE-2025-36328
MEDIUM 4.3
Watsonx.Data Intelligence — IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow a remote attacker to obtain sensitive inf…
2026-06-30
CVE-2025-36333
MEDIUM 4.3
Watsonx.Data Intelligence — IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to perform unauthor…
2026-06-30
CVE-2025-36336
MEDIUM 5.9
Watsonx.Data Intelligence — IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 transmits data in clear text that could allow an atta…
2026-06-30
CVE-2025-36359
HIGH 8.1
Devops Automation — IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2 does not invalidate session IDs after expiration which c…
2026-06-30
CVE-2025-36372
MEDIUM 5.5
Db2 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Ser…
2026-06-30
CVE-2026-10561
CRITICAL 10
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution com…
2026-06-22
CVE-2026-10845
HIGH 7.3
Websphere Application Server — IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to bypass authentication and gain u…
2026-06-22
CVE-2026-10852
MEDIUM 5.9
I — IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to denial of serv…
2026-06-22
CVE-2026-11372
MEDIUM 5.4
Tririga Application Platform — IBM TRIRIGA Application Platform 5.0.2 through 5.0.3 is vulnerable to cross-site scripting. This vulnerability…
2026-06-22
CVE-2026-12628
CRITICAL 9.1
Storage Protect Client — IBM Storage Protect Client 8.1.0.0 through 8.2.1.0 and IBM Storage Protect Snapshot For Windows 8.1.0.0 throug…
2026-06-22
CVE-2026-7253
MEDIUM 5.3
Ibm Watson Speech Services Cartridge — IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in Sterling File Gate…
2026-06-22
CVE-2026-7664
CRITICAL 9.8
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project res…
2026-06-22
CVE-2026-8059
MEDIUM 6.1
Datacap — IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-s…
2026-06-22
CVE-2026-8636
MEDIUM 5.5
Datacap — IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to re…
2026-06-22
CVE-2026-8646
HIGH 7.4
Websphere Application Server — IBM WebSphere Application Server 9.0 and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 2…
2026-06-22
CVE-2026-8858
HIGH 7.5
I — IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to remote code ex…
2026-06-22
CVE-2026-9006
HIGH 7.4
Websphere Application Server — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to server-side request forgery (SSRF) with the Aja…
2026-06-22
CVE-2026-9071
HIGH 7.5
Websphere Application Server — IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through …
2026-06-22
CVE-2026-9072
HIGH 8.1
I — IBM WebSphere Application Server and IBM WebSphere Application Server Liberty - when using Intelligent Managem…
2026-06-22
CVE-2026-9320
MEDIUM 5.9
Websphere Application Server — IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through …
2026-06-22
CVE-2026-9610
LOW 2.3
Datacap — IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or fun…
2026-06-22
CVE-2025-2669
MEDIUM 6
Db2 On Cloud Pak For Data And Db2 Warehouse On Cloud Pak For Data — IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 could a…
2026-06-22
CVE-2025-33128
MEDIUM 5.4
Engineering Workflow Management — IBM Engineering Workflow Management 7.0.3 through 7.0.3 Interim Fix 020, and 7.1 through 7.1 Interim Fix 007 i…
2026-06-22
CVE-2026-4870
HIGH 7.5
Qiskit Sdk — IBM Qiskit SDK 0.43.0 through 2.5.0 could allow an attacker to trigger a segmentation fault leading to a denia…
2026-06-12
CVE-2026-3341
MEDIUM 5.4
Langflow Desktop — IBM Langflow Desktop 1.0.0 through 1.9.2 IBM Langflow is vulnerable to server-side request forgery (SSRF). Thi…
2026-06-11
CVE-2026-4096
MEDIUM 6.5
Devops Plan — IBM DevOps Plan 3.0.0 through 3.0.6 is vulnerable to HTTP header injection, caused by improper validation of i…
2026-06-11
CVE-2026-7787
HIGH 7.5
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensitive information…
2026-06-11
CVE-2026-7870
HIGH 8.8
I — IBM i 7.6, 7.5, 7.4, and 7.3 could allow a user to gain elevated privileges due to an unqualified library call…
2026-06-11
CVE-2026-7770
HIGH 8.8
I Access Family — IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions (ACS) is vulnerable to remote code …
2026-06-01
CVE-2026-8644
CRITICAL 9.1
Websphere Application Server — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing.
2026-06-01
CVE-2026-9311
CRITICAL 9
Websphere Application Server — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of s…
2026-06-01
CVE-2026-9319
CRITICAL 9
Websphere Application Server — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserial…
2026-06-01
CVE-2026-9330
HIGH 8.5
Websphere Application Server — IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data duri…
2026-06-01
CVE-2026-1248
MEDIUM 4.3
Business Automation Workflow Containers And Traditional — IBM Business Automation Workflow containers and traditional may leak information about its database structure …
2026-05-27
CVE-2026-1718
HIGH 7.1
Db2 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a specially…
2026-05-27
CVE-2026-2607
MEDIUM 5.1
Mq Operator — IBM MQ Operator SC2: v3.2.0 through 3.2.23CD: v3.3.0, v3.4.0, v3.4.1, v3.5.0, v3.5.1 - v3.5.3, v3.6.0 - v3.6.…
2026-05-27
CVE-2026-3366
HIGH 7.5
Infosphere Optim Test Data Fabrication — IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5,…
2026-05-27
CVE-2026-3623
HIGH 7.8
Netezza Performance Server Replication Services — IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low‑privil…
2026-05-27
CVE-2026-3676
MEDIUM 6.5
Cloud Apm, Base Private — IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private 8.1.4 IBM Db2 for Linux, UNIX and Window…
2026-05-27
CVE-2026-4410
MEDIUM 4.8
Websphere Application Server Liberty — IBM WebSphere Application Server - Liberty 19.0.0.7 through 26.0.0.5 and IBM WebSphere Application Server 9.0,…
2026-05-27
CVE-2026-5065
HIGH 8.8
Controller — IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or crypt…
2026-05-27
CVE-2026-5515
MEDIUM 5.5
App Connect Enterprise — IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files tha…
2026-05-27
CVE-2026-5516
MEDIUM 4.4
Websphere Application Server Liberty — IBM WebSphere Application Server - Liberty 22.0.0.11 through 26.0.0.5 IBM WebSphere Application Server Liberty…
2026-05-27
CVE-2026-6051
MEDIUM 5.5
Db2 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a…
2026-05-27
CVE-2026-6052
MEDIUM 6.5
Db2 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when executing…
2026-05-27
CVE-2026-6053
MEDIUM 5.5
Db2 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when a specially…
2026-05-27
CVE-2026-6936
MEDIUM 6.5
I — IBM i 7.6, 7.5, 7.4, and 7.3 s vulnerable to a denial-of-service attack due to uncontrolled recursion in the I…
2026-05-27
CVE-2026-6938
MEDIUM 6.5
Db2 — IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage …
2026-05-27
CVE-2026-7254
MEDIUM 5.3
Openbmc — IBM OPENBMC FW1110.00 through FW1110.11 is vulnerable to denial of service attacks by unauthenticated network …
2026-05-27
CVE-2026-7365
HIGH 8.4
Operations Analytics Log Analysis — IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords de…
2026-05-27
CVE-2026-7524
CRITICAL 9.8
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic …
2026-05-27
CVE-2026-7528
HIGH 7.1
Langflow Oss — IBM Langflow OSS 1.0.0 through 1.9.0 could allow a denial of service due to uncontrolled resource consumption.
2026-05-27
CVE-2026-7876
CRITICAL 9.1
Aspera Hsts For Cp4i — IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19 is affected by an authentication bypass vulnerability. A transfe…
2026-05-27
CVE-2026-8175
CRITICAL 9.8
Aspera High Speed Transfer Endpoint — IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Serv…
2026-05-27
CVE-2026-8179
HIGH 8.8
Aspera High Speed Transfer Endpoint — IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Serv…
2026-05-27
CVE-2026-8180
HIGH 7.5
Aspera High Speed Transfer Endpoint — IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Serv…
2026-05-27
CVE-2026-8405
MEDIUM 6.5
Guardium Data Protection — IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term…
2026-05-27
CVE-2026-9035
MEDIUM 6.5
Aspera High Speed Transfer Endpoint — IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Serv…
2026-05-27
CVE-2025-3633
MEDIUM 5.4
Cognos Analytics — IBM Cognos Analytics 11.2.0, 11.2.4, 12.0, and 12.1.0 and IBM Cognos Transformer 11.2.4, 12.0, and 12.1.0 are …
2026-05-27
CVE-2026-3603
HIGH 7.1
Engineering Lifecycle Management — IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through Interim Fix 021, 7.1.0 Interim Fix 001 th…
2026-05-26
CVE-2026-3660
CRITICAL 9.8
Engineering Lifecycle Management — IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an unauthenticated remote attacker to…
2026-05-26
CVE-2026-4051
HIGH 7.2
Engineering Lifecycle Management — IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an attacker with administrative privi…
2026-05-26
CVE-2026-8620
HIGH 7.5
Web Server Plug Ins For Websphere Application Server And Websphere Liberty — IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Applicat…
2026-05-26
CVE-2026-8633
CRITICAL 9.8
Web Server Plug Ins For Websphere Application Server And Websphere Liberty — IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Applicat…
2026-05-26
CVE-2026-8834
HIGH 8
Http Server — IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the…
2026-05-26
CVE-2026-8835
HIGH 7.3
Http Server — IBM HTTP Server 8.5, and 9.0 is vulnerable to invalid pointer dereference. A privileged user, authenticated to…
2026-05-26
CVE-2026-8850
HIGH 7.5
Http Server — IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_ibm_upload.
2026-05-26
CVE-2026-8852
MEDIUM 6.2
Http Server — IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_fastcgi module.
2026-05-26
CVE-2026-8854
HIGH 7.5
Http Server — IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache.
2026-05-26
CVE-2026-8855
HIGH 8.1
Http Server — IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations wi…
2026-05-26
CVE-2026-8856
HIGH 7.7
Http Server — IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write …
2026-05-26
CVE-2026-9170
CRITICAL 9.8
Http Server — IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service and a potential remote code execution due to i…
2026-05-26
CVE-2025-13755
MEDIUM 5.5
Db2 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes DB2 Connect Ser…
2026-05-26
CVE-2025-14290
MEDIUM 5.4
Webmethods Integration (On Prem) Integration Server — IBM webMethods Integration (on prem) -Integration Server 10.15 through IS_10.15_Core_Fix2611.1 to IS_11.1_Core…
2026-05-26
CVE-2025-36126
MEDIUM 6.4
Cognos Analytics — IBM Cognos Analytics 11.2.0, 12.0, and 12.1.0 and IBM Cognos Transformer 12.0, 11.2.4, and 12.1.0 is vulnerabl…
2026-05-26
CVE-2025-36145
MEDIUM 5.4
Watsonx.Data — IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections w…
2026-05-26
CVE-2025-36148
MEDIUM 5.4
Financial Transaction Manager For Swift Services For Multiplatforms — IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.15 IBM Financial…
2026-05-26
CVE-2025-36220
MEDIUM 4.3
Cloud Pak For Data System Cyclops — IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System is vul…
2026-05-26
CVE-2025-36221
MEDIUM 5.3
Cloud Pak For Data System Cyclops — IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System uses d…
2026-05-26