ibm
8,286 tracked vulnerabilities.
CVE-2026-0992
LOW
Red Hat Enterprise Linux 6-10 - Denial of Service via XML Catalog Processing
Jan 15, 2026
CVSS 2.9
EPSS 0.00
CVE-2026-0990
MEDIUM
Red Hat Enterprise Linux 6-10 - Denial of Service via XML Catalog Delegate URI Recursion
Jan 15, 2026
CVSS 5.9
EPSS 0.01
CVE-2026-0989
LOW
Red Hat Enterprise Linux - Denial of Service via RelaxNG Parser Recursion
Jan 15, 2026
CVSS 3.7
EPSS 0.00
CVE-2025-36359
HIGH
IBM DevOps Loop is susceptible to an Insufficient Session Expiration vulnerability.
Jun 30, 2026
CVSS 8.1
EPSS 0.00
CVE-2025-36336
MEDIUM
Transmission of Sensitive Information found in Watson Data Intelligence
Jun 30, 2026
CVSS 5.9
EPSS 0.00
CVE-2025-36333
MEDIUM
Vulnerabilities found in Watson Data Intelligence
Jun 30, 2026
CVSS 4.3
EPSS 0.00
CVE-2025-36328
MEDIUM
Error Message Containing Sensitive Information found in Watson Data Intelligence
Jun 30, 2026
CVSS 4.3
EPSS 0.00
CVE-2025-36327
MEDIUM
Vulnerabilities found in Watson Data Intelligence
Jun 30, 2026
CVSS 6.5
EPSS 0.00
CVE-2025-36324
MEDIUM
Vulnerabilities found in Watson Data Intelligence
Jun 30, 2026
CVSS 4.3
EPSS 0.00
CVE-2025-36323
MEDIUM
Vulnerabilities found in Watson Data Intelligence
Jun 30, 2026
CVSS 5.4
EPSS 0.00
CVE-2025-36321
MEDIUM
Vulnerabilities found in Watson Data Intelligence
Jun 30, 2026
CVSS 5.7
EPSS 0.00
CVE-2025-36320
MEDIUM
Vulnerabilities found in Watson Data Intelligence
Jun 30, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-36319
MEDIUM
Vulnerabilities found in Watson Data Intelligence
Jun 30, 2026
CVSS 4.3
EPSS 0.00
CVE-2025-12530
MEDIUM
Vulnerabilities found in Watson Data Intelligence
Jun 30, 2026
CVSS 5.9
EPSS 0.00
CVE-2025-36372
MEDIUM
IBM® Db2® could disclose sensitive information to an authenticated user from the monitoring and event tables
Jun 30, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-33128
MEDIUM
IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities HTML / XSS Injection observed
Jun 22, 2026
CVSS 5.4
EPSS 0.00
CVE-2025-2669
MEDIUM
IBM Db2 on Cloud Pak for Data - Improper Token Validation
Jun 22, 2026
CVSS 6.0
EPSS 0.00
CVE-2025-3633
MEDIUM
IBM Cognos Analytics is affected by multiple security vulnerabilities
May 27, 2026
CVSS 5.4
EPSS 0.00
CVE-2025-36221
MEDIUM
Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.
May 26, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-36220
MEDIUM
Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.
May 26, 2026
CVSS 4.3
EPSS 0.00
CVE-2025-36148
MEDIUM
IBM Financial Transaction Manager for SWIFT Services for Multiplatforms is vulnerable to cross-site scripting.
May 26, 2026
CVSS 5.4
EPSS 0.00
CVE-2025-36145
MEDIUM
Multiple Vulnerabilities in watsonx.data
May 26, 2026
CVSS 5.4
EPSS 0.00
CVE-2025-36126
MEDIUM
IBM Cognos Analytics is affected by multiple security vulnerabilities
May 26, 2026
CVSS 6.4
EPSS 0.00
CVE-2025-14290
MEDIUM
IBM webMethods Integration Sever is vulnerable to server-side request forgery
May 26, 2026
CVSS 5.4
EPSS 0.00
CVE-2025-13755
MEDIUM
IBM® Db2® is vulnerable to credential exposure in db2diag when executing specific testcase buckets
May 26, 2026
CVSS 5.5
EPSS 0.00
Products
websphere_application_server 465
aix 400
db2 339
rational_quality_manager 202
sterling_b2b_integrator 195
qradar_security_information_and_event_manager 190
infosphere_information_server 189
maximo_asset_management 182
rational_doors_next_generation 153
rational_team_concert 142
rational_collaborative_lifecycle_management 141
rational_engineering_lifecycle_manager 141
websphere_portal 126
security_guardium 112
cognos_analytics 104
sterling_file_gateway 93
vios 92
rational_rhapsody_design_manager 90
security_verify_access 90
websphere_mq 89
business_process_manager 88
lotus_domino 86
api_connect 81
rational_software_architect_design_manager 81
lotus_notes 71
security_key_lifecycle_manager 70
db2_universal_database 66
concert 65
smartcloud_control_desk 65
urbancode_deploy 65
Quick Filters