257
CVEs
5
Critical
42
High
0
KEV
0
PoC
28
Unpatched C/H
45.5%
Patch Rate
0.0%
Avg EPSS
Severity Breakdown
CRITICAL
5
HIGH
42
MEDIUM
192
LOW
16
Monthly CVE Trend
Affected Products (30)
Windows
51
Concert
42
Db2
40
Sterling B2b Integrator
25
Infosphere Information Server
21
Openpages With Watson
16
Sterling File Gateway
16
Controller
15
Cognos Controller
13
Entirex
13
Websphere Application Server
13
Applinx
13
Cloud Pak For Business Automation
12
Security Verify Access
10
Planning Analytics Local
10
Qradar Security Information And Event Manager
10
Aix
8
Aspera Shares
8
Linux Kernel
8
Security Qradar Edr
8
Cognos Analytics
7
Db2 Recovery Expert
7
Urbancode Deploy
7
Cloud Pak System
7
Devops Deploy
7
Datastage On Cloud Pak For Data
6
Business Automation Workflow
6
Maximo Application Suite
6
Security Verify Access Docker
6
Txseries For Multiplatforms
6
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-13375 | IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 allows unauthenticated users to execute certain cryptographic operations that should require elevated privileges. | CRITICAL | 9.8 | 0.1% | 49 |
No patch
|
| CVE-2026-8175 | Remote code execution and authentication bypass are possible in IBM Aspera High-Speed Transfer Server and High-Speed Transfer Endpoint (versions 3.7.4 through 4.4.7 Fix Pack 1) through a heap-based buffer overflow in the asperahttpd component. An unauthenticated network attacker can corrupt memory to crash the service (denial of service) and, in the worst case, hijack execution flow to run arbitrary code or bypass authentication. There is no public exploit identified at time of analysis and SSVC lists exploitation as none, but the CVSS 9.8 rating and 'Automatable: yes' assessment mark this as a high-priority patching target. | CRITICAL | 9.8 | 0.4% | 49 |
No patch
|
| CVE-2026-7524 | Remote code execution in IBM Langflow OSS versions 1.0.0 through 1.9.1 lets unauthenticated network attackers run arbitrary code by abusing how the platform handles symbolic links while unpacking uploaded archives. Because extraction does not properly validate symlink targets, a crafted archive can write files outside the intended directory and ultimately achieve code execution on the host. The flaw carries a critical CVSS 9.8 (AV:N/AC:L/PR:N/UI:N) and is reachable without authentication or user interaction, though no public exploit identified at time of analysis. | CRITICAL | 9.8 | 0.3% | 49 |
No patch
|
| CVE-2026-1346 | Local privilege escalation to root in IBM Verify/Security Verify Access products 10.0-11.0.2 allows unauthenticated local users to gain full system control via excessive process privileges (CWE-250). The CVSS 9.3 score reflects local attack vector but no authentication requirement (PR:N) and complete system compromise with scope change. Patch available per vendor advisory. No public exploit identified at time of analysis, though the local attack vector and low complexity (AC:L) suggest straightforward exploitation once local access is obtained. | CRITICAL | 9.3 | 0.0% | 47 |
|
| CVE-2026-7876 | Authentication bypass in IBM Aspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I) versions 1.5.1 through 1.5.19 allows remote attackers to access and modify protected resources without valid credentials, scoring CVSS 9.1 critical. The flaw exposes confidential file transfer data and permits unauthorized modification of integrity-protected assets across all affected releases. No public exploit identified at time of analysis, and EPSS predicts only a 0.02% near-term exploitation probability despite the high severity rating. | CRITICAL | 9.1 | 0.0% | 46 |
No patch
|
| CVE-2026-3357 | Remote code execution in IBM Langflow Desktop versions 1.6.0 through 1.8.2 allows authenticated attackers to execute arbitrary code via unsafe deserialization in the FAISS component. The vulnerability stems from an insecure default configuration that permits deserialization of untrusted data. With CVSS 8.8 (High) reflecting network accessibility, low complexity, and full impact on confidentiality, integrity, and availability, this represents a critical risk for organizations running affected versions. Vendor-released patch available through IBM security advisory. No public exploit identified at time of analysis, though the attack path is well-understood given the CWE-502 deserialization vulnerability class. | HIGH | 8.8 | 0.1% | 44 |
|
| CVE-2025-33015 | Concert versions up to 2.1.0 is affected by unrestricted upload of file with dangerous type (CVSS 8.8). | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2025-13689 | Datastage On Cloud Pak For Data is affected by unrestricted upload of file with dangerous type (CVSS 8.8). | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2026-6543 | Remote code execution in IBM Langflow Desktop 1.0.0 through 1.8.4 allows authenticated attackers to execute arbitrary commands at the privilege level of the Langflow process. Attackers can exfiltrate API keys and database credentials from environment variables, modify application files, or pivot to internal network targets. IBM has released a vendor patch addressing this code injection vulnerability. No active exploitation confirmed by CISA KEV at time of analysis, though CVSS 8.8 severity and low attack complexity indicate high exploitability once authenticated access is obtained. | HIGH | 8.8 | 0.0% | 44 |
|
| CVE-2026-6389 | Privilege escalation in IBM Turbonomic prometurbo agent allows compromised service accounts to exfiltrate cluster-wide Kubernetes secrets and achieve full cluster takeover. Affects versions 8.16.0 through 8.17.6 deployed in Kubernetes environments. The operator grants excessive RBAC permissions enabling unrestricted read access to all secrets cluster-wide. CVSS 8.8 indicates high severity with scope change to container/cluster level. No active exploitation confirmed (not in CISA KEV), but the attack path from service account compromise to cluster admin is well-understood in Kubernetes threat models. | HIGH | 8.8 | 0.0% | 44 |
|
| CVE-2026-8179 | Arbitrary code execution in IBM Aspera High-Speed Transfer Server and Endpoint (versions 3.7.4 through 4.4.7 Fix Pack 1) arises from a stack-based buffer overflow in the asperahttpd component. An authenticated user with network access can corrupt memory in this HTTP handling component to run code in the context of the service, fully compromising confidentiality, integrity, and availability (CVSS 8.8). No public exploit has been identified at time of analysis, and the CVE is not listed in CISA KEV; EPSS data was not provided. | HIGH | 8.8 | 0.1% | 44 |
No patch
|
| CVE-2026-5065 | Hard-coded credentials in IBM Controller (versions 11.0.1, 11.1.0, 11.1.1, and 11.1.2) give attackers a static, embedded secret - a password or cryptographic key - that the product uses for inbound authentication, outbound communication, or encryption of internal data. Because the credential is the same across every deployment, an attacker who already holds low-level access (CVSS PR:L) can leverage it to gain full confidentiality, integrity, and availability impact (C:H/I:H/A:H) over the network. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV. | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2025-13379 | IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. [CVSS 8.6 HIGH] | HIGH | 8.6 | 0.1% | 43 |
No patch
|
| CVE-2026-1342 | Local code execution in IBM Security Verify Access 10.0-10.0.9.1 and 11.0-11.0.2 (both container and non-container deployments) allows unauthenticated local attackers to execute malicious scripts from outside the application's control sphere. This CWE-829 inclusion of functionality from untrusted control sphere vulnerability achieves container escape (scope change to C in CVSS vector), enabling high confidentiality impact and limited integrity/availability impact. No public exploit or active exploitation confirmed at time of analysis, though the low attack complexity (AC:L) and lack of required privileges (PR:N) make this readily exploitable by local users. | HIGH | 8.5 | 0.0% | 43 |
No patch
|
| CVE-2024-45675 | CVE-2024-45675 is a security vulnerability (CVSS 8.4) that allows a local user. High severity vulnerability requiring prompt remediation. | HIGH | 8.4 | 0.0% | 42 |
No patch
|