Summary

| Metric | Value |
|---|---|
| CVEs | 243 |
| Critical | 5 |
| High | 35 |
| KEV | 0 |
| PoC | 0 |
| Unpatched C/H | 27 |
| Patch Rate | 39.1% |
| Avg EPSS | 0.0% |

Severity Breakdown

| Severity | Count |
|---|---|
| CRITICAL | 5 |
| HIGH | 35 |
| MEDIUM | 185 |
| LOW | 16 |

Monthly CVE Trend (chart; no data captured in this extract)
Affected Products (30)

| Product | CVEs |
|---|---|
| Windows | 51 |
| Concert | 42 |
| Db2 | 40 |
| Sterling B2b Integrator | 25 |
| Infosphere Information Server | 21 |
| Openpages With Watson | 16 |
| Sterling File Gateway | 16 |
| Controller | 15 |
| Websphere Application Server | 13 |
| Applinx | 13 |
| Entirex | 13 |
| Cognos Controller | 13 |
| Cloud Pak For Business Automation | 12 |
| Security Verify Access | 10 |
| Planning Analytics Local | 10 |
| Qradar Security Information And Event Manager | 10 |
| Linux Kernel | 9 |
| Aspera Shares | 8 |
| Aix | 8 |
| Security Qradar Edr | 8 |
| Command Injection | 8 |
| Memory Corruption | 8 |
| Db2 Recovery Expert | 7 |
| Devops Deploy | 7 |
| Cloud Pak System | 7 |
| Urbancode Deploy | 7 |
| Cognos Analytics | 7 |
| Analytics Content Hub | 6 |
| Jazz Foundation | 6 |
| Datastage On Cloud Pak For Data | 6 |
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-13375 | IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 allows unauthenticated users to execute certain cryptographic operations that should require elevated privileges. | CRITICAL | 9.8 | 0.1% | 49 | No patch |
| CVE-2026-1346 | Local privilege escalation to root in IBM Verify/Security Verify Access products 10.0-11.0.2 allows unauthenticated local users to gain full system control via excessive process privileges (CWE-250). The CVSS 9.3 score reflects a local attack vector but no authentication requirement (PR:N) and complete system compromise with scope change. Patch available per vendor advisory. No public exploit identified at time of analysis, though the local attack vector and low complexity (AC:L) suggest straightforward exploitation once local access is obtained. | CRITICAL | 9.3 | 0.0% | 47 | |
| CVE-2026-3357 | Remote code execution in IBM Langflow Desktop versions 1.6.0 through 1.8.2 allows authenticated attackers to execute arbitrary code via unsafe deserialization in the FAISS component. The vulnerability stems from an insecure default configuration that permits deserialization of untrusted data. With CVSS 8.8 (High) reflecting network accessibility, low complexity, and full impact on confidentiality, integrity, and availability, this represents a critical risk for organizations running affected versions. Vendor-released patch available through IBM security advisory. No public exploit identified at time of analysis, though the attack path is well understood given the CWE-502 deserialization vulnerability class. | HIGH | 8.8 | 0.1% | 44 | |
| CVE-2025-33015 | Concert versions up to 2.1.0 are affected by unrestricted upload of file with dangerous type (CVSS 8.8). | HIGH | 8.8 | 0.0% | 44 | No patch |
| CVE-2025-13689 | Datastage On Cloud Pak For Data is affected by unrestricted upload of file with dangerous type (CVSS 8.8). | HIGH | 8.8 | 0.0% | 44 | No patch |
| CVE-2025-13379 | IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. [CVSS 8.6 HIGH] | HIGH | 8.6 | 0.1% | 43 | No patch |
| CVE-2026-1342 | Local code execution in IBM Security Verify Access 10.0-10.0.9.1 and 11.0-11.0.2 (both container and non-container deployments) allows unauthenticated local attackers to execute malicious scripts from outside the application's control sphere. This CWE-829 inclusion of functionality from untrusted control sphere vulnerability achieves container escape (scope change to C in the CVSS vector), enabling high confidentiality impact and limited integrity/availability impact. No public exploit or active exploitation confirmed at time of analysis, though the low attack complexity (AC:L) and lack of required privileges (PR:N) make this readily exploitable by local users. | HIGH | 8.5 | 0.0% | 43 | No patch |
| CVE-2024-45675 | CVE-2024-45675 is a security vulnerability (CVSS 8.4) that allows a local user. High severity vulnerability requiring prompt remediation. | HIGH | 8.4 | 0.0% | 42 | No patch |
| CVE-2025-12985 | IBM Licensing Operator incorrectly assigns privileges to security-critical files, which could allow a local root escalation inside a container running the IBM Licensing Operator image. [CVSS 8.4 HIGH] | HIGH | 8.4 | 0.0% | 42 | No patch |
| CVE-2026-4788 | Sensitive information disclosure in IBM Tivoli Netcool Impact versions 7.1.0.0 through 7.1.0.37 allows local attackers with no authentication required to extract credentials and configuration secrets from application log files. With CVSS 8.4 and High impact to confidentiality, integrity, and availability, the CWE-532 flaw enables privilege escalation through exposed secrets. No public exploit identified at time of analysis, with EPSS data unavailable, though the low attack complexity (AC:L) suggests straightforward exploitation once local access is obtained. | HIGH | 8.4 | 0.0% | 42 | |
| CVE-2025-14115 | Direct for UNIX Container 6.3.0.0 versions up to 6.3.0.6 are affected by use of hard-coded credentials (CVSS 8.4). | HIGH | 8.4 | 0.0% | 42 | No patch |
| CVE-2025-36384 | Db2 contains a vulnerability that allows a local user with filesystem access to escalate their privileges due to the use (CVSS 8.4). | HIGH | 8.4 | 0.0% | 42 | |
| CVE-2026-4101 | Authentication bypass in IBM Verify Identity Access and IBM Security Verify Access (versions 10.0-10.0.9.1 and 11.0-11.0.2, both container and non-container deployments) allows remote attackers to gain unauthorized access under specific high-load conditions without authentication. The vulnerability carries an EPSS score indicating moderate exploitation probability, with a vendor patch available but no confirmed active exploitation or public proof-of-concept at time of analysis. Attack complexity is rated high (AC:H), suggesting exploitation requires specific timing or environmental conditions related to load stress. | HIGH | 8.1 | 0.1% | 41 | |
| CVE-2025-13691 | IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system. [CVSS 8.1 HIGH] | HIGH | 8.1 | 0.0% | 41 | No patch |
| CVE-2025-13855 | SQL injection in IBM Storage Protect Server 8.2.0 and Storage Protect Plus Server allows authenticated remote attackers to execute arbitrary SQL commands against the back-end database, enabling unauthorized data access, modification, or deletion. The vulnerability requires low attack complexity and low-level privileges (CVSS 7.6, PR:L), making it exploitable by any authenticated user. No public exploit identified at time of analysis, though SQL injection techniques are well documented. EPSS data not provided, but SQL injection vulnerabilities historically see moderate exploitation rates when authentication barriers are low. | HIGH | 7.6 | 0.1% | 38 | |