ibm
8,286 tracked vulnerabilities.
CVE-2026-9074
CRITICAL
IBM API Connect SQL Injection
Jul 08, 2026
CVSS 9.1
EPSS 0.01
CVE-2026-3144
HIGH
IBM API Connect Default Credentials
Jul 08, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-11541
HIGH
IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by HTTP request smuggling
Jun 30, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-11594
HIGH
IBM WebSphere Application Server is affected by multiple cross-site scripting vulnerabilities
Jun 30, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-9836
LOW
IBM DataStage Flow Designer application is affected by an information disclosure vulnerability
Jun 30, 2026
CVSS 3.5
EPSS 0.00
CVE-2026-9002
MEDIUM
IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-7874
CRITICAL
IBM Langflow OSS - Weak Cryptographic Key Derivation Exposed All Stored Credentials
Jun 30, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-7873
CRITICAL
IBM Langflow OSS 1.0.0-1.10.0 - Authenticated OS Command Execution
Jun 30, 2026
CVSS 9.9
EPSS 0.00
CVE-2026-7871
CRITICAL
IBM Langflow OSS - Insecure Deserialization in Redis Cache Backend
Jun 30, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-7803
CRITICAL
IBM Langflow OSS - Flow Validation Bypass via Empty Component Type Field
Jun 30, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-7663
CRITICAL
IBM Langflow OSS 1.0.0-1.9.6 - Unauthenticated MCP Authorization Bypass
Jun 30, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-3602
MEDIUM
IBM App Connect Enterprise and IBM Integration Bus for z/OS toolkit is vulnerable to an sql injection
Jun 30, 2026
CVSS 4.7
EPSS 0.00
CVE-2026-13773
MEDIUM
IBM WebSphere eXtreme Scale is affected by server side request forgery when ORB is used as Transport Protocol
Jun 30, 2026
CVSS 6.0
EPSS 0.03
CVE-2026-13772
HIGH
IBM WebSphere eXtreme Scale's OQL is affected by remote code execution
Jun 30, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-13759
HIGH
IBM WebSphere eXtreme Scale is affected by Insecure Deserilization
Jun 30, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-13449
HIGH
XXE attack in IBM Business Automation Manager Open Editions
Jun 30, 2026
CVSS 7.6
EPSS 0.00
CVE-2026-12086
MEDIUM
IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to a Insertion of Sensitive Information into Log File Vulnerability
Jun 30, 2026
CVSS 6.2
EPSS 0.00
CVE-2026-12085
MEDIUM
IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptable to an Insertion of Sensitive Information Into Sent Data vulnerability
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-12084
MEDIUM
IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to a Permissive Cross-domain Security Policy with Untrusted Domains
Jun 30, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-11906
MEDIUM
Db2 11.5.9 and 12.1.4 - Denial of Service
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-11806
HIGH
IBM WebSphere Application Server Liberty is affected by a an arbitrary file read vulnerability
Jun 30, 2026
CVSS 7.2
EPSS 0.00
CVE-2026-11714
HIGH
IBM WebSphere Application Server Liberty is affected by an authorization bypass vulnerability
Jun 30, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-11712
CRITICAL
IBM WebSphere Application Server is affected by a cross-site scripting vulnerability
Jun 30, 2026
CVSS 9.3
EPSS 0.00
CVE-2026-11708
CRITICAL
IBM WebSphere Application Server is affected by a cross-site scripting vulnerability
Jun 30, 2026
CVSS 9.3
EPSS 0.00
CVE-2026-11595
MEDIUM
IBM WebSphere Application Server is affected by a Path Traversal vulnerability
Jun 30, 2026
CVSS 4.3
EPSS 0.00
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
smartcloud_control_desk 65
urbancode_deploy 65
Quick Filters