ibm

8,286 tracked vulnerabilities.

CVE-2026-7870 HIGH
IBM i 7.3-7.6 - Admin Privilege Escalation via Unqualified Library Call
Jun 11, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-7787 HIGH
IBM Langflow OSS - Unauthenticated Session History Access via Public Flow Execution
Jun 11, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4096 MEDIUM
IBM DevOps Plan 3.0.0-3.0.6 - Host Header Injection
Jun 11, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-3341 MEDIUM
IBM Langflow Desktop 1.0.0 - 1.9.2 DNS Rebinding Bypasses SSRF Protection Allowing Access to Internal Services
Jun 11, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-9330 HIGH
IBM WebSphere Application Server 8.5 and 9.0 - Remote Code Execution via SAML Web SSO Deserialization
Jun 01, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-9319 CRITICAL
IBM WebSphere Application Server 8.5 and 9.0 - Remote Code Execution via JAX-WS Endpoint Deserialization
Jun 01, 2026
CVSS 9.0
EPSS 0.00
CVE-2026-9311 CRITICAL
IBM WebSphere Application Server 8.5 and 9.0 - Remote Code Execution via Security Control Bypass
Jun 01, 2026
CVSS 9.0
EPSS 0.01
CVE-2026-8644 CRITICAL
IBM WebSphere Application Server 8.5 and 9.0 - Authentication Bypass by Spoofing
Jun 01, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-7770 HIGH
IBM i Access Client Solutions 1.1.5.0-1.1.9.12 - Remote Code Execution via IBM i Navigator Request Handling
Jun 01, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-1248 MEDIUM
IBM Business Automation Workflow information leak
May 27, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-9035 MEDIUM
IBM Aspera High-Speed Transfer Endpoint - Multiple Vulnerabilities in Aspera applications.
May 27, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8405 MEDIUM
IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerability
May 27, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8180 HIGH
IBM Aspera High-Speed Transfer Endpoint - Multiple Vulnerabilities in Aspera applications.
May 27, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8179 HIGH
IBM Aspera High-Speed Transfer Endpoint - Multiple Vulnerabilities in Aspera applications.
May 27, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-8175 CRITICAL
IBM Aspera High-Speed Transfer Endpoint - Multiple Vulnerabilities in Aspera applications.
May 27, 2026
CVSS 9.8
EPSS 0.01
CVE-2026-7876 CRITICAL
Authentication bypass vulnerability found in Aspera High-Speed Transfer Server for Cloud Pak for Integration
May 27, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-7528 HIGH
Unauthenticated File Upload Vulnerability Allows Disk Space Exhaustion and Path Disclosure in Langflow OSS
May 27, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-7524 CRITICAL
Path Traversal Vulnerability in File Processing Components Allows Unauthorized File System Access and Potential Remote Code Execution
May 27, 2026
CVSS 9.8
EPSS 0.01
CVE-2026-7365 HIGH
IBM Operations Analytics - Log Analysis is affected by Information disclosure due to default passwords not being forced to be changed on post-installation
May 27, 2026
CVSS 8.4
EPSS 0.00
CVE-2026-7254 MEDIUM
IBM Openbmc < FW1110.11 - Denial of Service
May 27, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-6938 MEDIUM
IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage path with a special query
May 27, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6936 MEDIUM
IBM i is Affected by a Denial of Service Vulnerability []
May 27, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6053 MEDIUM
IBM® Db2® is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables
May 27, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-6052 MEDIUM
IBM® Db2® is vulnerable to running out of memory when executing certain queries with MDC tables
May 27, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6051 MEDIUM
IBM® Db2® is vulnerable to a denial of service when executing a specially crafted query with a small statement heap
May 27, 2026
CVSS 5.5
EPSS 0.00