ibm

8,286 tracked vulnerabilities.

CVE-2026-11546 HIGH
IBM WebSphere Application Server Liberty is affected by a server-side request forgery vulnerability
Jun 30, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-10564 HIGH
IBM Langflow OSS 1.0.0-1.9.6 - Server-Side Request Forgery in Legacy Components
Jun 30, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-10560 HIGH
Unauthenticated Access to Private Flow Build Events and Cancellation in Langflow OSS
Jun 30, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-10546 HIGH
DNS Rebinding TOCTOU Bypass of SSRF Protection in Langflow OSS URL Component
Jun 30, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-10140 CRITICAL
Cross-Tenant API Key Reuse and Billing Fraud in Langflow Voice Mode Subsystem
Jun 30, 2026
CVSS 9.6
EPSS 0.00
CVE-2026-10134 CRITICAL
Unauthenticated Server-Side RCE via PythonCodeStructuredTool in Public Flows
Jun 30, 2026
CVSS 10.0
EPSS 0.00
CVE-2026-10129 HIGH
SSRF via HTTP Redirect Following in Langflow API Request Component
Jun 30, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-10109 CRITICAL
IBM® Db2® is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling
Jun 30, 2026
CVSS 9.8
EPSS 0.01
CVE-2026-10852 MEDIUM
IBM i is Affected By a Denial of Service in IBM WebSphere Application Server Liberty
Jun 22, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-9610 LOW
IBM Datacap and Navigator - Forced Browsing Access Control Bypass
Jun 22, 2026
CVSS 2.3
EPSS 0.00
CVE-2026-9320 MEDIUM
IBM WebSphere Application Server and Liberty - Memory-Consumption Denial of Service
Jun 22, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-9072 HIGH
IBM i WebSphere Web Server Plug-in - Remote Code Execution and Denial of Service
Jun 22, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-9071 HIGH
IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by Uncontrolled Resource Consumption
Jun 22, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-9006 HIGH
IBM WebSphere Application Server is affected by server-side request forgery
Jun 22, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-8858 HIGH
IBM i WebSphere Web Server Plug-in - Remote Code Execution and Denial of Service
Jun 22, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8646 HIGH
IBM WebSphere Application Server and Liberty - HTTP Request Smuggling
Jun 22, 2026
CVSS 7.4
EPSS 0.00
CVE-2026-8636 MEDIUM
IBM Datacap and Navigator - Password and Key Disclosure from Memory
Jun 22, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-8059 MEDIUM
IBM Datacap and Navigator - Unauthenticated Cross-Site Scripting
Jun 22, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-7664 CRITICAL
Unauthenticated Flow Execution via Webhook Endpoint in Langflow OSS
Jun 22, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-7253 MEDIUM
IBM Watson Speech Services Cartridge - Authenticated Server-Side Request Forgery
Jun 22, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-12628 CRITICAL
Hardcoded credential in the IBM Storage Protect Snapshot For Windows leads to unauthorized access to system
Jun 22, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-11372 MEDIUM
IBM Tririga Application Platform < 5.0.3 - XSS
Jun 22, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-10845 HIGH
IBM WebSphere Application Server is affected by an authentication bypass vulnerability
Jun 22, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-10561 CRITICAL
Unauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection
Jun 22, 2026
CVSS 10.0
EPSS 0.01
CVE-2026-4870 HIGH
IBM Qiskit SDK 0.43.0-2.5.0 - Parser Recursion Denial of Service
Jun 12, 2026
CVSS 7.5
EPSS 0.00