ibm
8,286 tracked vulnerabilities.
CVE-2026-11546
HIGH
IBM WebSphere Application Server Liberty is affected by a server-side request forgery vulnerability
Jun 30, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-10564
HIGH
IBM Langflow OSS 1.0.0-1.9.6 - Server-Side Request Forgery in Legacy Components
Jun 30, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-10560
HIGH
Unauthenticated Access to Private Flow Build Events and Cancellation in Langflow OSS
Jun 30, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-10546
HIGH
DNS Rebinding TOCTOU Bypass of SSRF Protection in Langflow OSS URL Component
Jun 30, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-10140
CRITICAL
Cross-Tenant API Key Reuse and Billing Fraud in Langflow Voice Mode Subsystem
Jun 30, 2026
CVSS 9.6
EPSS 0.00
CVE-2026-10134
CRITICAL
Unauthenticated Server-Side RCE via PythonCodeStructuredTool in Public Flows
Jun 30, 2026
CVSS 10.0
EPSS 0.00
CVE-2026-10129
HIGH
SSRF via HTTP Redirect Following in Langflow API Request Component
Jun 30, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-10109
CRITICAL
IBM® Db2® is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling
Jun 30, 2026
CVSS 9.8
EPSS 0.01
CVE-2026-10852
MEDIUM
IBM i is Affected By a Denial of Service in IBM WebSphere Application Server Liberty
Jun 22, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-9610
LOW
IBM Datacap and Navigator - Forced Browsing Access Control Bypass
Jun 22, 2026
CVSS 2.3
EPSS 0.00
CVE-2026-9320
MEDIUM
IBM WebSphere Application Server and Liberty - Memory-Consumption Denial of Service
Jun 22, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-9072
HIGH
IBM i WebSphere Web Server Plug-in - Remote Code Execution and Denial of Service
Jun 22, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-9071
HIGH
IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by Uncontrolled Resource Consumption
Jun 22, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-9006
HIGH
IBM WebSphere Application Server is affected by server-side request forgery
Jun 22, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-8858
HIGH
IBM i WebSphere Web Server Plug-in - Remote Code Execution and Denial of Service
Jun 22, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8646
HIGH
IBM WebSphere Application Server and Liberty - HTTP Request Smuggling
Jun 22, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-8636
MEDIUM
IBM Datacap and Navigator - Password and Key Disclosure from Memory
Jun 22, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-8059
MEDIUM
IBM Datacap and Navigator - Unauthenticated Cross-Site Scripting
Jun 22, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-7664
CRITICAL
Unauthenticated Flow Execution via Webhook Endpoint in Langflow OSS
Jun 22, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-7253
MEDIUM
IBM Watson Speech Services Cartridge - Authenticated Server-Side Request Forgery
Jun 22, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-12628
CRITICAL
Hardcoded credential in the IBM Storage Protect Snapshot For Windows leads to unauthorized access to system
Jun 22, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-11372
MEDIUM
IBM Tririga Application Platform < 5.0.3 - XSS
Jun 22, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-10845
HIGH
IBM WebSphere Application Server is affected by an authentication bypass vulnerability
Jun 22, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-10561
CRITICAL
Unauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection
Jun 22, 2026
CVSS 10.0
EPSS 0.01
CVE-2026-4870
HIGH
IBM Qiskit SDK 0.43.0-2.5.0 - Parser Recursion Denial of Service
Jun 12, 2026
CVSS 7.5
EPSS 0.00
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
smartcloud_control_desk 65
urbancode_deploy 65
Quick Filters