Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how ibm compares to other vendors in security performance

View Risk Score →

Software

ibm aix
82
ibm websphere application server feature pack for web services
44
ibm cognos analytics
35
ibm infosphere data architect
35
ibm data risk manager
22
ibm tivoli storage manager fastback
22
ibm storage protect plus
21
ibm db2 universal database
19
ibm lotus notes
19
ibm qradar security information and event manager
18
ibm concert software
17
ibm lotus domino mail server
17
ibm notes
17
ibm lotus domino
15
ibm cloud pak for security
14
ibm infosphere guardium z/os
12
ibm security verify access
12
ibm java
11
ibm security guardium
11
ibm security verify governance
10
ibm cognos controller
9
ibm infosphere information server
9
ibm watsonx.data intelligence
9
ibm i2 analyst's notebook premium
8
ibm tivoli storage manager
8
ibm websphere
8
ibm api connect
7
ibm cloud pak system
7
ibm security qradar
7
ibm security verify governance - identity manager
7
ibm spectrum protect
7
ibm cloud pak for business automation
6
ibm edge application manager
6
ibm maximo asset management
6
ibm qradar siem
6
ibm security verify access oidc provider
6
ibm tivoli monitoring
6
ibm websphere application server
6
ibm aspera faspex on demand
5
ibm cloud pak for security (cp4s)
5
ibm engineering requirements management doors web access
5
ibm forms viewer
5
ibm planning analytics cloud
5
ibm rational doors
5
ibm rational doors web access
5
ibm security verify governance identity manager container
5
ibm security verify governance, identity manager software stack
5
ibm security verify governance, identity manager virtual appliance
5
ibm aspera faspex
4
ibm b2b sterling integrator
4

IBM Total Storage Service ConsoleTSSC/IMC is vulnerable to OS Command Injection

Risk 61
Severity
9.8
EPSS
0.06%
First published (updated )
CVE-2026-5935

IBM iIBM i is affected by a privilege escalation vulnerability in Web Administration GUI []

Risk 86
Severity
9.8
First published (updated )
CVE-2026-2311

IBM Verify Identity Access ContainerSecurity Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access

Risk 61
Severity
9.8
EPSS
0.11%
First published (updated )
CVE-2026-4101

IBM Verify Identity Access ContainerSecurity Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access

Risk 77
Severity
9.3
First published (updated )
CVE-2026-1346

IBM WebSphere Application Server - LibertyIBM WebSphere Application Server Liberty could provide weaker than expected security

Risk 86
Severity
9.8
First published (updated )
CVE-2025-14917
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

IBM DB2 Recovery ExpertIBM Db2 Recovery Expert Missing Integrity Check

Risk 47
Severity
9.1
EPSS
0.01%
First published (updated )
CVE-2026-3856

npm/undiciundici is vulnerable to Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Risk 86
Severity
9.8
First published (updated )
CVE-2026-1525

IBM WebSphere Application Server - LibertyIBM WebSphere Application Server Liberty could provide weaker than expected security

Risk 86
Severity
9.8
First published (updated )
CVE-2025-14923

npm/fast-xml-parserfast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names

Risk 43
Severity
9.3
EPSS
0.04%
First published (updated )
CVE-2026-25896

npm/swiperSwiper has a Prototype Pollution Vulnerability

Risk 57
Severity
9.4
EPSS
0.06%
First published (updated )
CVE-2026-27212
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

nltk/nltkZip Slip Vulnerability in nltk/nltk Leading to Remote Code Execution

Risk 87
Severity
10
First published (updated )
CVE-2025-14009

IBM Concert SoftwareMultiple Vulnerabilities in IBM Concert Software.

Risk 86
Severity
9.8
First published (updated )
CVE-2025-33089

IBM Common Cryptographic ArchitectureIBM Common Cryptographic Architecture Arbitrary Command Execution

Risk 86
Severity
9.8
First published (updated )
CVE-2025-13375

IBM ApplinXMultiple vulnerabilities found in IBM ApplinX.

Risk 86
Severity
9.8
First published (updated )
CVE-2025-36418

npm/langchainLangChain serialization injection vulnerability enables secret extraction

Risk 66
Severity
9.1
First published (updated )
CVE-2025-68665
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

pip/langchain-coreLangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs

Risk 70
Severity
9.3
Exploited
First published (updated )
CVE-2025-68664

IBM API ConnectAuthentication bypass in IBM API Connect

Risk 90
Severity
9.8
First published (updated )
CVE-2025-13915

Apache Commons TextCode Injection

Risk 86
Severity
9.8
First published (updated )
CVE-2025-46295

fontTools FontToolsfontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib

Risk 86
Severity
9.8
First published (updated )
CVE-2025-66034

Eclipse JerseyRace Condition allows Bypass of Trust Restrictions

Risk 61
Severity
9.4
First published (updated )
CVE-2025-12383
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

IBM AIXAIX Path Traversal

Risk 66
Severity
9.1
First published (updated )
CVE-2025-36236

IBM AIXAIX Code Execution

Risk 87
Severity
10
First published (updated )
CVE-2025-36250

IBM AIXAIX Insufficiently Protected Credentials

Risk 78
Severity
9
First published (updated )
CVE-2025-36096

IBM AIXAIX Command Execution

Risk 86
Severity
9.8
First published (updated )
CVE-2025-36251

Django DjangoPotential SQL injection via _connector keyword argument in QuerySet and Q objects

Risk 76
Severity
9.1
Exploited
First published (updated )
CVE-2025-64459
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

npm/expr-eval-forkCode Injection, Input Validation

Risk 91
Severity
9.8
First published (updated )
CVE-2025-12735

IBM InfoSphere Information ServerIBM InfoSphere Information Server is affected by an XML external entity injection (XXE) vulnerability

Risk 66
Severity
9.1
First published (updated )
CVE-2025-12531

redhat JBoss Enterprise Application PlatformUndertow-core: undertow http server fails to reject malformed host headers leading to potential cache poisoning and ssrf

Risk 76
Severity
9.6
First published (updated )
CVE-2025-12543

IBM Tivoli MonitoringIBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations

Risk 86
Severity
9.8
First published (updated )
CVE-2025-3356

IBM Maximo Application SuiteThere is a vulnerability in the IBM Maximo Manage application in IBM Maximo Application Suite for Cognos Analytics

Risk 86
Severity
9.8
First published (updated )
CVE-2025-36386
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203