ibm
8,286 tracked vulnerabilities.
CVE-2026-7870
HIGH
IBM i 7.3-7.6 - Admin Privilege Escalation via Unqualified Library Call
Jun 11, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-7787
HIGH
IBM Langflow OSS - Unauthenticated Session History Access via Public Flow Execution
Jun 11, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-4096
MEDIUM
IBM DevOps Plan 3.0.0-3.0.6 - Host Header Injection
Jun 11, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-3341
MEDIUM
IBM Langflow Desktop 1.0.0 - 1.9.2 DNS Rebinding Bypasses SSRF Protection Allowing Access to Internal Services
Jun 11, 2026
CVSS 5.4
EPSS 0.00
CVE-2026-9330
HIGH
IBM WebSphere Application Server 8.5 and 9.0 - Remote Code Execution via SAML Web SSO Deserialization
Jun 01, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-9319
CRITICAL
IBM WebSphere Application Server 8.5 and 9.0 - Remote Code Execution via JAX-WS Endpoint Deserialization
Jun 01, 2026
CVSS 9.0
EPSS 0.00
CVE-2026-9311
CRITICAL
IBM WebSphere Application Server 8.5 and 9.0 - Remote Code Execution via Security Control Bypass
Jun 01, 2026
CVSS 9.0
EPSS 0.01
CVE-2026-8644
CRITICAL
IBM WebSphere Application Server 8.5 and 9.0 - Authentication Bypass by Spoofing
Jun 01, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-7770
HIGH
IBM i Access Client Solutions 1.1.5.0-1.1.9.12 - Remote Code Execution via IBM i Navigator Request Handling
Jun 01, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-1248
MEDIUM
IBM Business Automation Workflow information leak
May 27, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-9035
MEDIUM
IBM Aspera High-Speed Transfer Endpoint - Multiple Vulnerabilities in Aspera applications.
May 27, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8405
MEDIUM
IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerability
May 27, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-8180
HIGH
IBM Aspera High-Speed Transfer Endpoint - Multiple Vulnerabilities in Aspera applications.
May 27, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-8179
HIGH
IBM Aspera High-Speed Transfer Endpoint - Multiple Vulnerabilities in Aspera applications.
May 27, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-8175
CRITICAL
IBM Aspera High-Speed Transfer Endpoint - Multiple Vulnerabilities in Aspera applications.
May 27, 2026
CVSS 9.8
EPSS 0.01
CVE-2026-7876
CRITICAL
Authentication bypass vulnerability found in Aspera High-Speed Transfer Server for Cloud Pak for Integration
May 27, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-7528
HIGH
Unauthenticated File Upload Vulnerability Allows Disk Space Exhaustion and Path Disclosure in Langflow OSS
May 27, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-7524
CRITICAL
Path Traversal Vulnerability in File Processing Components Allows Unauthorized File System Access and Potential Remote Code Execution
May 27, 2026
CVSS 9.8
EPSS 0.01
CVE-2026-7365
HIGH
IBM Operations Analytics - Log Analysis is affected by Information disclosure due to default passwords not being forced to be changed on post-installation
May 27, 2026
CVSS 8.4
EPSS 0.00
CVE-2026-7254
MEDIUM
IBM Openbmc < FW1110.11 - Denial of Service
May 27, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-6938
MEDIUM
IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage path with a special query
May 27, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6936
MEDIUM
IBM i is Affected by a Denial of Service Vulnerability []
May 27, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6053
MEDIUM
IBM® Db2® is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables
May 27, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-6052
MEDIUM
IBM® Db2® is vulnerable to running out of memory when executing certain queries with MDC tables
May 27, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-6051
MEDIUM
IBM® Db2® is vulnerable to a denial of service when executing a specially crafted query with a small statement heap
May 27, 2026
CVSS 5.5
EPSS 0.00
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
smartcloud_control_desk 65
urbancode_deploy 65
Quick Filters