Search

Find a vulnerability

Search criteria

    7963 vulnerabilities

    CVE-2026-13445 (GCVE-0-2026-13445)

    Vulnerability from cvelistv5 – Published: 2026-07-17 20:44 – Updated: 2026-07-17 20:44
    VLAI
    Title
    Langflow is affected by remote code execution, denial of service, path traversal, and exposed credentials due to multiple unauthenticated and insufficiently authorized API endpoints
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.1 can allow an authenticated attacker to exploit the SaveToFile component to read and modify another user's uploaded files by specifying absolute paths pointing to victim storage locations. In append mode, the attacker's workflow reads victim file contents, appends attacker-controlled data, and uploads a copy containing victim data to the attacker's namespace (confidentiality breach). In overwrite mode, the attacker can replace victim file contents with arbitrary data (integrity breach). This breaks the storage ownership boundary between users.
    CWE
    • CWE-639 - Authorization Bypass Through User-Controlled Key
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279990 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.1 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.1:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.1:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.1",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.1 can allow an authenticated attacker to exploit the SaveToFile component to read and modify another user\u0027s uploaded files by specifying absolute paths pointing to victim storage locations. In append mode, the attacker\u0027s workflow reads victim file contents, appends attacker-controlled data, and uploads a copy containing victim data to the attacker\u0027s namespace (confidentiality breach). In overwrite mode, the attacker can replace victim file contents with arbitrary data (integrity breach). This breaks the storage ownership boundary between users.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.1 can allow an authenticated attacker to exploit the SaveToFile component to read and modify another user\u0027s uploaded files by specifying absolute paths pointing to victim storage locations. In append mode, the attacker\u0027s workflow reads victim file contents, appends attacker-controlled data, and uploads a copy containing victim data to the attacker\u0027s namespace (confidentiality breach). In overwrite mode, the attacker can replace victim file contents with arbitrary data (integrity breach). This breaks the storage ownership boundary between users."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-639",
                  "description": "CWE-639 Authorization Bypass Through User-Controlled Key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T20:44:38.924Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279990"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.2\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading  Langflow OSS to version 1.10.2 https://pypi.org/project/langflow/"
            }
          ],
          "title": "Langflow is affected by remote code execution, denial of service, path traversal, and exposed credentials due to multiple unauthenticated and insufficiently authorized API endpoints",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-13445",
        "datePublished": "2026-07-17T20:44:38.924Z",
        "dateReserved": "2026-06-26T16:40:55.714Z",
        "dateUpdated": "2026-07-17T20:44:38.924Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-13446 (GCVE-0-2026-13446)

    Vulnerability from cvelistv5 – Published: 2026-07-17 20:43 – Updated: 2026-07-17 20:43
    VLAI
    Title
    Langflow is affected by remote code execution, denial of service, path traversal, and exposed credentials due to multiple unauthenticated and insufficiently authorized API endpoints
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279991 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.1 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.1:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.1:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.1",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.1 contains\u0026nbsp;hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.1 contains\u00a0hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T20:43:49.355Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279991"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.2\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading Langflow OSS to version 1.10.2"
            }
          ],
          "title": "Langflow is affected by remote code execution, denial of service, path traversal, and exposed credentials due to multiple unauthenticated and insufficiently authorized API endpoints",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-13446",
        "datePublished": "2026-07-17T20:43:49.355Z",
        "dateReserved": "2026-06-26T16:43:04.516Z",
        "dateUpdated": "2026-07-17T20:43:49.355Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-13448 (GCVE-0-2026-13448)

    Vulnerability from cvelistv5 – Published: 2026-07-17 20:03 – Updated: 2026-07-17 20:03
    VLAI
    Title
    Langflow is affected by remote code execution, denial of service, path traversal, and exposed credentials due to multiple unauthenticated and insufficiently authorized API endpoints
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.1 Lanflow OSS contains an unauthenticated remote code execution vulnerability in the public flow build endpoint ( /api/v1/build_public_tmp/{flow_id}/flow ). The vulnerability stems from an incomplete denylist in the validate_public_flow_no_code_execution() function that fails to block several code-execution agent components including OpenDsStarAgent, CodeActAgentSmolagents, and CSVAgent.
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279997 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.1 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.1:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.1:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.1",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.1 Lanflow OSS contains an unauthenticated remote code execution vulnerability in the public flow build endpoint ( /api/v1/build_public_tmp/{flow_id}/flow ). The vulnerability stems from an incomplete denylist in the validate_public_flow_no_code_execution() function that fails to block several code-execution agent components including OpenDsStarAgent, CodeActAgentSmolagents, and CSVAgent.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.1 Lanflow OSS contains an unauthenticated remote code execution vulnerability in the public flow build endpoint ( /api/v1/build_public_tmp/{flow_id}/flow ). The vulnerability stems from an incomplete denylist in the validate_public_flow_no_code_execution() function that fails to block several code-execution agent components including OpenDsStarAgent, CodeActAgentSmolagents, and CSVAgent."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T20:03:30.430Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279997"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.2\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading  Langflow OSS to version 1.10.2 https://pypi.org/project/langflow/"
            }
          ],
          "title": "Langflow is affected by remote code execution, denial of service, path traversal, and exposed credentials due to multiple unauthenticated and insufficiently authorized API endpoints",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-13448",
        "datePublished": "2026-07-17T20:03:30.430Z",
        "dateReserved": "2026-06-26T16:47:23.234Z",
        "dateUpdated": "2026-07-17T20:03:30.430Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-13473 (GCVE-0-2026-13473)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:58 – Updated: 2026-07-17 19:58
    VLAI
    Title
    IBM Storage Protect Client is vulnerable to Heap-Based Buffer Overflow
    Summary
    IBM Storage Protect Client 8.1.0.0 through 8.1.27.0, 8.1.27.1, and 8.2.0.0 through 8.2.1.0 IBM Storage Protect is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279728 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Storage Protect Client Affected: 8.1.0.0 , ≤ 8.1.27.0, 8.1.27.1 (semver)
    Affected: 8.2.0.0 , ≤ 8.2.1.0 (semver)
        cpe:2.3:a:ibm:storage_protect_client:8.1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:storage_protect_client:8.1.27.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:storage_protect_client:8.2.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:storage_protect_client:8.2.1.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    The vulnerability was reported to IBM by Pétur Eyþórsson and Cristie Nordic.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:storage_protect_client:8.1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:storage_protect_client:8.1.27.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:storage_protect_client:8.2.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:storage_protect_client:8.2.1.0:*:*:*:*:*:*:*"
              ],
              "product": "Storage Protect Client",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "8.1.27.0, 8.1.27.1",
                  "status": "affected",
                  "version": "8.1.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.2.1.0",
                  "status": "affected",
                  "version": "8.2.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "The vulnerability was reported to IBM by P\u00e9tur Ey\u00fe\u00f3rsson and Cristie Nordic."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Storage Protect Client 8.1.0.0 through 8.1.27.0, 8.1.27.1, and 8.2.0.0 through 8.2.1.0 IBM Storage Protect is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.\u003c/p\u003e"
                }
              ],
              "value": "IBM Storage Protect Client 8.1.0.0 through 8.1.27.0, 8.1.27.1, and 8.2.0.0 through 8.2.1.0 IBM Storage Protect is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:58:31.025Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279728"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now.\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cstrong\u003eProduct\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eFixing level\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003ePlatforms\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eLink to fix and instructions\u003c/strong\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Storage Protect Client\u003c/td\u003e\u003ctd\u003e8.2.1.2\u003c/td\u003e\u003ctd\u003eWindows\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/support/pages/node/7267111\" rel=\"nofollow\"\u003ehttps://www.ibm.com/support/pages/node/7267111\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cdiv\u003e\u003c/div\u003e\u003cp\u003eDetails about the upgrade path to be followed for IBM Storage Protect Backup-Archive Client:\u003c/p\u003e\u003cp\u003eManual Upgrade:\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ccolgroup\u003e\u003ccol/\u003e\u003ccol/\u003e\u003c/colgroup\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cstrong\u003eCurrent version\u00a0\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eUpgrade Path\u003c/strong\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e8.1.0.0 - 8.1.27.0, 8.1.27.1\u003c/td\u003e\u003ctd\u003e8.1.0.0 to 8.2.1.0 to 8.2.1.2\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e8.2.0.0 - 8.2.1.0\u003c/td\u003e\u003ctd\u003e8.2.0.0 to 8.2.1.2\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003eUpgrade via Client Auto Deploy\u00a0\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ccolgroup\u003e\u003ccol/\u003e\u003ccol/\u003e\u003c/colgroup\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e8.1.0.0 - 8.1.27.0, 8.1.27.1\u003c/td\u003e\u003ctd\u003e8.1.27.0 to 8.2.0.0 to 8.2.1.2 , 8.1.27.1 to 8.2.0.0 to 8.2.1.2\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e8.2.0.0\u003c/td\u003e\u003ctd\u003e8.2.1.2\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now.\n\nProductFixing levelPlatformsLink to fix and instructionsIBM Storage Protect Client8.2.1.2Windows https://www.ibm.com/support/pages/node/7267111 \n\n\n\n\n\nDetails about the upgrade path to be followed for IBM Storage Protect Backup-Archive Client:\n\n\n\nManual Upgrade:\n\nCurrent version\u00a0Upgrade Path8.1.0.0 - 8.1.27.0, 8.1.27.18.1.0.0 to 8.2.1.0 to 8.2.1.28.2.0.0 - 8.2.1.08.2.0.0 to 8.2.1.2\n\n\n\nUpgrade via Client Auto Deploy\u00a0\n\n8.1.0.0 - 8.1.27.0, 8.1.27.18.1.27.0 to 8.2.0.0 to 8.2.1.2 , 8.1.27.1 to 8.2.0.0 to 8.2.1.28.2.0.08.2.1.2"
            }
          ],
          "title": "IBM Storage Protect Client is vulnerable to Heap-Based Buffer Overflow",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-13473",
        "datePublished": "2026-07-17T19:58:31.025Z",
        "dateReserved": "2026-06-26T21:18:23.722Z",
        "dateUpdated": "2026-07-17T19:58:31.025Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-14499 (GCVE-0-2026-14499)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:57 – Updated: 2026-07-17 19:57
    VLAI
    Title
    Langflow is affected by remote code execution, denial of service, path traversal, and exposed credentials due to multiple unauthenticated and insufficiently authorized API endpoints
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.1 Langflow could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user supplied input in the Python Interpreter component.
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279996 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.1 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.1:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.1:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.1",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.1 Langflow could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user supplied input in the Python Interpreter component.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.1 Langflow could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user supplied input in the Python Interpreter component."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:57:05.308Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279996"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.2\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading  Langflow OSS to version 1.10.2 https://pypi.org/project/langflow/"
            }
          ],
          "title": "Langflow is affected by remote code execution, denial of service, path traversal, and exposed credentials due to multiple unauthenticated and insufficiently authorized API endpoints",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-14499",
        "datePublished": "2026-07-17T19:57:05.308Z",
        "dateReserved": "2026-07-02T17:55:22.464Z",
        "dateUpdated": "2026-07-17T19:57:05.308Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-14501 (GCVE-0-2026-14501)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:55 – Updated: 2026-07-17 19:55
    VLAI
    Title
    Use of Potentially Dangerous Functionthat in IBM Db2 Genius Hub
    Summary
    IBM Db2 Genius Hub 1.1, 1.1.1, 1.1.2 and IBM Agentics 1.0 could allow an attacker to execute arbitrary code or obtain sensitive information due to the use of dangerous functions without sufficient restrictions.
    CWE
    • CWE-676 - Use of Potentially Dangerous Function
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279901 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Db2 Genius Hub Affected: 1.1, 1.1.1, 1.1.2
        cpe:2.3:a:ibm:db2_genius_hub:1.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:db2_genius_hub:1.1.0:*:*:*:*:*:*:*
    Create a notification for this product.
    IBM Agentics Affected: 1.0
        cpe:2.3:a:ibm:agentics:1.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:agentics:1.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:db2_genius_hub:1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:db2_genius_hub:1.1.0:*:*:*:*:*:*:*"
              ],
              "product": "Db2 Genius Hub",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.1, 1.1.1, 1.1.2"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:ibm:agentics:1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:agentics:1.0.0:*:*:*:*:*:*:*"
              ],
              "product": "Agentics",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Db2 Genius Hub 1.1, 1.1.1, 1.1.2 and IBM Agentics 1.0 could allow an attacker to execute arbitrary code or obtain sensitive information due to the use of dangerous functions without sufficient restrictions.\u003c/p\u003e"
                }
              ],
              "value": "IBM Db2 Genius Hub 1.1, 1.1.1, 1.1.2 and IBM Agentics 1.0 could allow an attacker to execute arbitrary code or obtain sensitive information due to the use of dangerous functions without sufficient restrictions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-676",
                  "description": "CWE-676 Use of Potentially Dangerous Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:55:50.177Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279901"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eIBM strongly recommends addressing the vulnerability now.\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eProduct\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eVersion impacted\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eRemediation\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Db2 Genius Hub \u0026amp; Agentics\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e1.1, 1.1.1, 1.1.2\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eUpgrade to: IBM Db2 Genius Hub 1.1.3\u003cbr/\u003e\u003cbr/\u003e\u003ca href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software\u0026amp;product=ibm/Information+Management/IBM+Db2+Genius+Hub\u0026amp;release=1.1.3.0\u0026amp;platform=All\u0026amp;function=all\" rel=\"nofollow\"\u003ehttps://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software\u0026amp;product=ibm/Information+Management/IBM+Db2+Genius+Hub\u0026amp;release=1.1.3.0\u0026amp;platform=All\u0026amp;function=all\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now.ProductVersion impactedRemediationIBM Db2 Genius Hub \u0026amp; Agentics1.1, 1.1.1, 1.1.2Upgrade to: IBM Db2 Genius Hub 1.1.3https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software\u0026amp;product=ibm/Information+Management/IBM+Db2+Genius+Hub\u0026amp;release=1.1.3.0\u0026amp;platform=All\u0026amp;function=all"
            }
          ],
          "title": "Use of Potentially Dangerous Functionthat in IBM Db2 Genius Hub",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-14501",
        "datePublished": "2026-07-17T19:55:50.177Z",
        "dateReserved": "2026-07-02T18:00:48.051Z",
        "dateUpdated": "2026-07-17T19:55:50.177Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-14971 (GCVE-0-2026-14971)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:49 – Updated: 2026-07-17 19:49
    VLAI
    Title
    This PowerVM Novalink update is being released to address
    Summary
    IBM PowerVM Novalink 2.2.02.2.12.2.1.1, and 2.3.02.3.0.12.3.12.3.2 IBM NovaLink APIs misconfiguration may increase attack surface and enable unintended or unauthorized operations under non-default conditions.
    CWE
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7280225 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM PowerVM Novalink Affected: 2.2.02.2.12.2.1.1
    Affected: 2.3.02.3.0.12.3.12.3.2
        cpe:2.3:a:ibm:powervm_novalink:2.2.02.2.12.2.1.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:powervm_novalink:2.3.02.3.0.12.3.12.3.2:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:powervm_novalink:2.2.02.2.12.2.1.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:powervm_novalink:2.3.02.3.0.12.3.12.3.2:*:*:*:*:*:*:*"
              ],
              "product": "PowerVM Novalink",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2.02.2.12.2.1.1"
                },
                {
                  "status": "affected",
                  "version": "2.3.02.3.0.12.3.12.3.2"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM PowerVM Novalink 2.2.02.2.12.2.1.1, and 2.3.02.3.0.12.3.12.3.2 IBM NovaLink APIs misconfiguration may increase attack surface and enable unintended or unauthorized operations under non-default conditions.\u003c/p\u003e"
                }
              ],
              "value": "IBM PowerVM Novalink 2.2.02.2.12.2.1.1, and 2.3.02.3.0.12.3.12.3.2 IBM NovaLink APIs misconfiguration may increase attack surface and enable unintended or unauthorized operations under non-default conditions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 3.9,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-16",
                  "description": "CWE-16 Configuration",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:49:41.211Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7280225"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading based on the table below.\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eProduct\u003c/td\u003e\u003ctd\u003eVersion\u003c/td\u003e\u003ctd\u003eRemediation\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePowerVM Novalink\u003c/td\u003e\u003ctd\u003e\u003cp\u003e2.2.1.1\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.2.1.1_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.2.1.1-260708\u003c/a\u003e\u003c/p\u003e\u003cp\u003eor\u003c/p\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.3.3-260714\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePowerVM Novalink\u003c/td\u003e\u003ctd\u003e\u003cp\u003e2.3.3\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html\" rel=\"nofollow\"\u003eUpdate to pvm-novalink-2.3.3-260714\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading based on the table below.\n\nProductVersionRemediationPowerVM Novalink\n\n2.2.1.1\n\n\n\n Update to pvm-novalink-2.2.1.1-260708 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.2.1.1_readme.html \n\n\n\nor\n\n\n\n Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html \n\nPowerVM Novalink\n\n2.3.3\n\n\n\n Update to pvm-novalink-2.3.3-260714 https://public.dhe.ibm.com/systems/virtualization/Novalink/readme/NovaLink_2.3.3_readme.html"
            }
          ],
          "title": "This PowerVM Novalink update is being released to address",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-14971",
        "datePublished": "2026-07-17T19:49:41.211Z",
        "dateReserved": "2026-07-07T16:36:57.998Z",
        "dateUpdated": "2026-07-17T19:49:41.211Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-14979 (GCVE-0-2026-14979)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:49 – Updated: 2026-07-17 19:49
    VLAI
    Title
    IBM Engineering Lifecycle Management - Jazz Foundation is vulnerable to XML Entity Expansion attack
    Summary
    IBM Engineering Lifecycle Management 7.0.3 ( Interim Fix 001 through ) Interim Fix 021, 7.1.0 ( Interim Fix 001 through ) Interim Fix 009, and 7.2.0 and 7.2.0 Interim Fix 001 DOORS could allow a remote attacker to cause a denial of service due to improper handling of XML entity expansion.
    CWE
    • CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279963 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Engineering Lifecycle Management Affected: 7.0.3 ( Interim Fix 001 , ≤ ) Interim Fix 021 (semver)
    Affected: 7.1.0 ( Interim Fix 001 , ≤ ) Interim Fix 009 (semver)
    Affected: 7.2.0 and 7.2.0 Interim Fix 001
        cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:interim_fix_001:*:*:*:*:*:*
        cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:interim_fix_021:*:*:*:*:*:*
        cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:interim_fix_001:*:*:*:*:*:*
        cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:interim_fix_009:*:*:*:*:*:*
        cpe:2.3:a:ibm:engineering_lifecycle_management:7.2.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:engineering_lifecycle_management:7.2.0:interim_fix_001:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:interim_fix_001:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:engineering_lifecycle_management:7.0.3:interim_fix_021:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:interim_fix_001:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:engineering_lifecycle_management:7.1.0:interim_fix_009:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:engineering_lifecycle_management:7.2.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:engineering_lifecycle_management:7.2.0:interim_fix_001:*:*:*:*:*:*"
              ],
              "product": "Engineering Lifecycle Management",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": ") Interim Fix 021",
                  "status": "affected",
                  "version": "7.0.3 ( Interim Fix 001",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": ") Interim Fix 009",
                  "status": "affected",
                  "version": "7.1.0 ( Interim Fix 001",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "7.2.0 and 7.2.0 Interim Fix 001"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Engineering Lifecycle Management 7.0.3 ( Interim Fix 001 through ) Interim Fix 021, 7.1.0 ( Interim Fix 001 through ) Interim Fix 009, and 7.2.0 and 7.2.0 Interim Fix 001 DOORS could allow a remote attacker to cause a denial of service due to improper handling of XML entity expansion.\u003c/p\u003e"
                }
              ],
              "value": "IBM Engineering Lifecycle Management 7.0.3 ( Interim Fix 001 through ) Interim Fix 021, 7.1.0 ( Interim Fix 001 through ) Interim Fix 009, and 7.2.0 and 7.2.0 Interim Fix 001 DOORS could allow a remote attacker to cause a denial of service due to improper handling of XML entity expansion."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-776",
                  "description": "CWE-776 Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:49:10.380Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279963"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading to iFixes detailed below:\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cstrong\u003eAffected Product(s)\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eVersion(s)\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eRemediation/Fix/Instructions\u003c/strong\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Engineering Lifecycle Management - Jazz Foundation\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e7.0.3\u003c/td\u003e\u003ctd\u003eDownload and install\u00a0\u003ca href=\"https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Engineering\u0026amp;product=ibm/Rational/IBM+Engineering+Lifecycle+Management\u0026amp;release=7.2\u0026amp;platform=All\u0026amp;function=fixId\u0026amp;fixids=7.0.3-IBM-ELM-iFix022\u0026amp;includeRequisites=0\u0026amp;includeSupersedes=0\u0026amp;downloadMethod=http\" rel=\"nofollow\"\u003eiFix022\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Engineering Lifecycle Management - Jazz Foundation\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e7.1.0\u003c/td\u003e\u003ctd\u003eDownload and install\u00a0\u003ca href=\"https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Engineering\u0026amp;product=ibm/Rational/IBM+Engineering+Lifecycle+Management\u0026amp;release=7.1\u0026amp;platform=All\u0026amp;function=fixId\u0026amp;fixids=7.1-IBM-ELM-iFix010\u0026amp;includeRequisites=0\u0026amp;includeSupersedes=0\u0026amp;downloadMethod=http\u0026amp;login=true\" rel=\"nofollow\"\u003eiFix010\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Engineering Lifecycle Management - Jazz Foundation\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e7.2.0\u003c/td\u003e\u003ctd\u003eDownload and install\u00a0\u003ca href=\"https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Engineering\u0026amp;product=ibm/Rational/IBM+Engineering+Lifecycle+Management\u0026amp;release=7.2\u0026amp;platform=All\u0026amp;function=fixId\u0026amp;fixids=7.2-IBM-ELM-iFix002\u0026amp;includeRequisites=0\u0026amp;includeSupersedes=0\u0026amp;downloadMethod=http\u0026amp;login=true\" rel=\"nofollow\"\u003eiFix002\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading to iFixes detailed below:\n\nAffected Product(s)Version(s)Remediation/Fix/Instructions\n\nIBM Engineering Lifecycle Management - Jazz Foundation\n\n7.0.3Download and install\u00a0 iFix022 https://www.ibm.com/support/fixcentral/swg/downloadFixes \n\nIBM Engineering Lifecycle Management - Jazz Foundation\n\n7.1.0Download and install\u00a0 iFix010 https://www.ibm.com/support/fixcentral/swg/downloadFixes \n\nIBM Engineering Lifecycle Management - Jazz Foundation\n\n7.2.0Download and install\u00a0 iFix002 https://www.ibm.com/support/fixcentral/swg/downloadFixes"
            }
          ],
          "title": "IBM Engineering Lifecycle Management - Jazz Foundation is vulnerable to XML Entity Expansion attack",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-14979",
        "datePublished": "2026-07-17T19:49:10.380Z",
        "dateReserved": "2026-07-07T16:58:17.358Z",
        "dateUpdated": "2026-07-17T19:49:10.380Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15069 (GCVE-0-2026-15069)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:40 – Updated: 2026-07-17 19:40
    VLAI
    Title
    Multiple Vulnerabilities in IBM Engineering AI hub.
    Summary
    IBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to execute arbitrary script code due to improper neutralization of input during web page generation.
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279964 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Engineering AI Hub Affected: 1.0.0
    Affected: 1.1.0
    Affected: 1.2.0
        cpe:2.3:a:ibm:engineering_ai_hub:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:engineering_ai_hub:1.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:engineering_ai_hub:1.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:engineering_ai_hub:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:engineering_ai_hub:1.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:engineering_ai_hub:1.2.0:*:*:*:*:*:*:*"
              ],
              "product": "Engineering AI Hub",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0"
                },
                {
                  "status": "affected",
                  "version": "1.1.0"
                },
                {
                  "status": "affected",
                  "version": "1.2.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to execute arbitrary script code due to improper neutralization of input during web page generation.\u003c/p\u003e"
                }
              ],
              "value": "IBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to execute arbitrary script code due to improper neutralization of input during web page generation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:40:48.285Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279964"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cbr/\u003e\u003cp\u003eIBM strongly recommends addressing the vulnerability now.\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAffected product\u003c/td\u003e\u003ctd\u003eFixed in release\u003c/td\u003e\u003ctd\u003eInstructions\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Engineering AI Hub v1.0.0\u003c/td\u003e\u003ctd\u003e1.3.0\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\" rel=\"nofollow\"\u003ehttps://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Engineering AI Hub v1.1.0\u003c/td\u003e\u003ctd\u003e1.3.0\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\" rel=\"nofollow\"\u003ehttps://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Engineering AI Hub v1.2.0\u003c/td\u003e\u003ctd\u003e1.3.0\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\" rel=\"nofollow\"\u003ehttps://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now.\n\nAffected productFixed in releaseInstructionsIBM Engineering AI Hub v1.0.01.3.0 https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading IBM Engineering AI Hub v1.1.01.3.0 https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading IBM Engineering AI Hub v1.2.01.3.0 https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading"
            }
          ],
          "title": "Multiple Vulnerabilities in IBM Engineering AI hub.",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-15069",
        "datePublished": "2026-07-17T19:40:48.285Z",
        "dateReserved": "2026-07-08T14:46:51.365Z",
        "dateUpdated": "2026-07-17T19:40:48.285Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15091 (GCVE-0-2026-15091)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:38 – Updated: 2026-07-17 19:38
    VLAI
    Title
    Multiple Vulnerabilities in IBM Engineering AI hub.
    Summary
    IBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to execute arbitrary scripts due to improper neutralization of input during web page generation.
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279964 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Engineering AI Hub Affected: 1.0.0
    Affected: 1.1.0
    Affected: 1.2.0
        cpe:2.3:a:ibm:engineering_ai_hub:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:engineering_ai_hub:1.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:engineering_ai_hub:1.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:engineering_ai_hub:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:engineering_ai_hub:1.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:engineering_ai_hub:1.2.0:*:*:*:*:*:*:*"
              ],
              "product": "Engineering AI Hub",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0"
                },
                {
                  "status": "affected",
                  "version": "1.1.0"
                },
                {
                  "status": "affected",
                  "version": "1.2.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to execute arbitrary scripts due to improper neutralization of input during web page generation.\u003c/p\u003e"
                }
              ],
              "value": "IBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to execute arbitrary scripts due to improper neutralization of input during web page generation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:38:58.436Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279964"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cbr/\u003e\u003cp\u003eIBM strongly recommends addressing the vulnerability now.\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAffected product\u003c/td\u003e\u003ctd\u003eFixed in release\u003c/td\u003e\u003ctd\u003eInstructions\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Engineering AI Hub v1.0.0\u003c/td\u003e\u003ctd\u003e1.3.0\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\" rel=\"nofollow\"\u003ehttps://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Engineering AI Hub v1.1.0\u003c/td\u003e\u003ctd\u003e1.3.0\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\" rel=\"nofollow\"\u003ehttps://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Engineering AI Hub v1.2.0\u003c/td\u003e\u003ctd\u003e1.3.0\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\" rel=\"nofollow\"\u003ehttps://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now.\n\nAffected productFixed in releaseInstructionsIBM Engineering AI Hub v1.0.01.3.0 https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading IBM Engineering AI Hub v1.1.01.3.0 https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading IBM Engineering AI Hub v1.2.01.3.0 https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading"
            }
          ],
          "title": "Multiple Vulnerabilities in IBM Engineering AI hub.",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-15091",
        "datePublished": "2026-07-17T19:38:58.436Z",
        "dateReserved": "2026-07-08T16:07:31.099Z",
        "dateUpdated": "2026-07-17T19:38:58.436Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15093 (GCVE-0-2026-15093)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:37 – Updated: 2026-07-17 23:15
    VLAI
    Title
    Multiple Vulnerabilities in IBM Engineering AI hub.
    Summary
    IBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to redirect users to malicious websites due to improper validation of user-supplied URLs.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279964 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Engineering AI Hub Affected: 1.0.0
    Affected: 1.1.0
    Affected: 1.2.0
        cpe:2.3:a:ibm:engineering_ai_hub:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:engineering_ai_hub:1.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:engineering_ai_hub:1.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-15093",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T20:05:15.874835Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T23:15:12.887Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:engineering_ai_hub:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:engineering_ai_hub:1.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:engineering_ai_hub:1.2.0:*:*:*:*:*:*:*"
              ],
              "product": "Engineering AI Hub",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0"
                },
                {
                  "status": "affected",
                  "version": "1.1.0"
                },
                {
                  "status": "affected",
                  "version": "1.2.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to redirect users to malicious websites due to improper validation of user-supplied URLs.\u003c/p\u003e"
                }
              ],
              "value": "IBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to redirect users to malicious websites due to improper validation of user-supplied URLs."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-601",
                  "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:37:57.768Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279964"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cbr/\u003e\u003cp\u003eIBM strongly recommends addressing the vulnerability now.\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAffected product\u003c/td\u003e\u003ctd\u003eFixed in release\u003c/td\u003e\u003ctd\u003eInstructions\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Engineering AI Hub v1.0.0\u003c/td\u003e\u003ctd\u003e1.3.0\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\" rel=\"nofollow\"\u003ehttps://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Engineering AI Hub v1.1.0\u003c/td\u003e\u003ctd\u003e1.3.0\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\" rel=\"nofollow\"\u003ehttps://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Engineering AI Hub v1.2.0\u003c/td\u003e\u003ctd\u003e1.3.0\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\" rel=\"nofollow\"\u003ehttps://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now.\n\nAffected productFixed in releaseInstructionsIBM Engineering AI Hub v1.0.01.3.0 https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading IBM Engineering AI Hub v1.1.01.3.0 https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading IBM Engineering AI Hub v1.2.01.3.0 https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading"
            }
          ],
          "title": "Multiple Vulnerabilities in IBM Engineering AI hub.",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-15093",
        "datePublished": "2026-07-17T19:37:57.768Z",
        "dateReserved": "2026-07-08T16:10:36.076Z",
        "dateUpdated": "2026-07-17T23:15:12.887Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15322 (GCVE-0-2026-15322)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:35 – Updated: 2026-07-17 19:35
    VLAI
    Title
    Multiple Vulnerabilities in IBM Engineering AI hub.
    Summary
    IBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to obtain sensitive information due to the exposure of session tokens in URLs.
    CWE
    • CWE-598 - Use of HTTP Request With Sensitive Query String
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279964 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Engineering AI Hub Affected: 1.0.0
    Affected: 1.1.0
    Affected: 1.2.0
        cpe:2.3:a:ibm:engineering_ai_hub:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:engineering_ai_hub:1.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:engineering_ai_hub:1.2.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:engineering_ai_hub:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:engineering_ai_hub:1.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:engineering_ai_hub:1.2.0:*:*:*:*:*:*:*"
              ],
              "product": "Engineering AI Hub",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0"
                },
                {
                  "status": "affected",
                  "version": "1.1.0"
                },
                {
                  "status": "affected",
                  "version": "1.2.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to obtain sensitive information due to the exposure of session tokens in URLs.\u003c/p\u003e"
                }
              ],
              "value": "IBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to obtain sensitive information due to the exposure of session tokens in URLs."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-598",
                  "description": "CWE-598 Use of HTTP Request With Sensitive Query String",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:35:19.725Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279964"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cdiv\u003e\u003cbr/\u003e\u003cp\u003eIBM strongly recommends addressing the vulnerability now.\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAffected product\u003c/td\u003e\u003ctd\u003eFixed in release\u003c/td\u003e\u003ctd\u003eInstructions\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Engineering AI Hub v1.0.0\u003c/td\u003e\u003ctd\u003e1.3.0\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\" rel=\"nofollow\"\u003ehttps://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Engineering AI Hub v1.1.0\u003c/td\u003e\u003ctd\u003e1.3.0\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\" rel=\"nofollow\"\u003ehttps://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Engineering AI Hub v1.2.0\u003c/td\u003e\u003ctd\u003e1.3.0\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\" rel=\"nofollow\"\u003ehttps://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now.\n\nAffected productFixed in releaseInstructionsIBM Engineering AI Hub v1.0.01.3.0 https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading IBM Engineering AI Hub v1.1.01.3.0 https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading IBM Engineering AI Hub v1.2.01.3.0 https://www.ibm.com/docs/en/engineering-ai-hub/1.3.0?topic=upgrading"
            }
          ],
          "title": "Multiple Vulnerabilities in IBM Engineering AI hub.",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-15322",
        "datePublished": "2026-07-17T19:35:19.725Z",
        "dateReserved": "2026-07-09T18:13:22.722Z",
        "dateUpdated": "2026-07-17T19:35:19.725Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-15995 (GCVE-0-2026-15995)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:34 – Updated: 2026-07-17 19:34
    VLAI
    Title
    IBM Cognos Analytics 12.1.3 general availability package contains a data integrity issue in the Agentic AI assistant that may cause incorrect report summaries or report-processing errors under concurrent use
    Summary
    IBM Cognos Analytics 12.1.3 GA Version with build number through 12.1.3-2606251736 could allow an attacker to obtain incorrect report summary results or cause report-processing failures due to a race condition in the Agentic AI assistant's concurrent request-handling logic when multiple authenticated users submit report-related tasks simultaneously.
    CWE
    • CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7280311 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Cognos Analytics Affected: 12.1.3 GA Version with build number , ≤ 12.1.3-2606251736 (semver)
        cpe:2.3:a:ibm:cognos_analytics:12.1.3:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:cognos_analytics:12.1.3-2606251736:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:cognos_analytics:12.1.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:cognos_analytics:12.1.3-2606251736:*:*:*:*:*:*:*"
              ],
              "product": "Cognos Analytics",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "12.1.3-2606251736",
                  "status": "affected",
                  "version": "12.1.3 GA Version with build number",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Cognos Analytics 12.1.3 GA Version with build number through 12.1.3-2606251736 could allow an attacker to obtain incorrect report summary results or cause report-processing failures due to a race condition in the Agentic AI assistant\u0027s concurrent request-handling logic when multiple authenticated users submit report-related tasks simultaneously.\u003c/p\u003e"
                }
              ],
              "value": "IBM Cognos Analytics 12.1.3 GA Version with build number through 12.1.3-2606251736 could allow an attacker to obtain incorrect report summary results or cause report-processing failures due to a race condition in the Agentic AI assistant\u0027s concurrent request-handling logic when multiple authenticated users submit report-related tasks simultaneously."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-362",
                  "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:34:52.644Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7280311"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM has addressed this issue in an updated Cognos Analytics 12.1.3 package available from Passport Advantage released on July 16th. The build number of the corrected release is 12.1.3-2607110822.\u00a0 Customers should obtain and deploy the updated package to remediate the issue.\u003cbr/\u003e\u003cbr/\u003e\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cstrong\u003eProduct(s)\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eVersion(s) number and/or range\u00a0\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003eRemediation/Fix/Instructions\u003c/strong\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Cognos Analytics\u003c/td\u003e\u003ctd\u003e12.1.3 updated with build number 12.1.3-2607110822\u00a0\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/software/passportadvantage/pao-customer\" rel=\"noopener noreferrer nofollow\"\u003eIBM Cognos Analytics 12.1.3\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM has addressed this issue in an updated Cognos Analytics 12.1.3 package available from Passport Advantage released on July 16th. The build number of the corrected release is 12.1.3-2607110822.\u00a0 Customers should obtain and deploy the updated package to remediate the issue.\n\n\n\nProduct(s)Version(s) number and/or range\u00a0Remediation/Fix/InstructionsIBM Cognos Analytics12.1.3 updated with build number 12.1.3-2607110822\u00a0 IBM Cognos Analytics 12.1.3 https://www.ibm.com/software/passportadvantage/pao-customer"
            }
          ],
          "title": "IBM Cognos Analytics 12.1.3 general availability package contains a data integrity issue in the Agentic AI assistant that may cause incorrect report summaries or report-processing errors under concurrent use",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-15995",
        "datePublished": "2026-07-17T19:34:52.644Z",
        "dateReserved": "2026-07-16T21:12:15.436Z",
        "dateUpdated": "2026-07-17T19:34:52.644Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-4938 (GCVE-0-2026-4938)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:34 – Updated: 2026-07-17 19:34
    VLAI
    Title
    Security vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access
    Summary
    IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 and IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 could allow an attacker with read-only privileges to make unauthorized modifications and deployments outside of their assigned permissions.
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279510 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Verify Identity Access Affected: 11.0 , ≤ 11.0.2 (semver)
        cpe:2.3:a:ibm:verify_identity_access:11.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:verify_identity_access:11.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:verify_identity_access:11.0.2:*:*:*:*:*:*:*
    Create a notification for this product.
    IBM Security Verify Access Affected: 10.0 , ≤ 10.0.9.1 (semver)
        cpe:2.3:a:ibm:security_verify_access:10.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:security_verify_access:10.0.9.1:*:*:*:*:*:*:*
    Create a notification for this product.
    IBM Verify Identity Access Container Affected: 11.0 , ≤ 11.0.2 (semver)
        cpe:2.3:a:ibm:verify_identity_access_container:11.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:verify_identity_access_container:11.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:verify_identity_access_container:11.0.2:*:*:*:*:*:*:*
    Create a notification for this product.
    IBM Security Verify Access Container Affected: 10.0 , ≤ 10.0.9.1 (semver)
        cpe:2.3:a:ibm:security_verify_access_container:10.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:security_verify_access_container:10.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:security_verify_access_container:10.0.9.1:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:verify_identity_access:11.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:verify_identity_access:11.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:verify_identity_access:11.0.2:*:*:*:*:*:*:*"
              ],
              "product": "Verify Identity Access",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.2",
                  "status": "affected",
                  "version": "11.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:ibm:security_verify_access:10.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:security_verify_access:10.0.9.1:*:*:*:*:*:*:*"
              ],
              "product": "Security Verify Access",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "10.0.9.1",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:ibm:verify_identity_access_container:11.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:verify_identity_access_container:11.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:verify_identity_access_container:11.0.2:*:*:*:*:*:*:*"
              ],
              "product": "Verify Identity Access Container",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.2",
                  "status": "affected",
                  "version": "11.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:ibm:security_verify_access_container:10.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:security_verify_access_container:10.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:security_verify_access_container:10.0.9.1:*:*:*:*:*:*:*"
              ],
              "product": "Security Verify Access Container",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "10.0.9.1",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 and IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 could allow an attacker with read-only privileges to make unauthorized modifications and deployments outside of their assigned permissions.\u003c/p\u003e"
                }
              ],
              "value": "IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 and IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 could allow an attacker with read-only privileges to make unauthorized modifications and deployments outside of their assigned permissions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863 Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:34:14.956Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279510"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003cstrong\u003eIBM encourages customers to update their systems promptly.\u003c/strong\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eAppliance:\u003c/strong\u003e\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cstrong\u003eAffected Products and Versions\u003c/strong\u003e\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003cstrong\u003eFix availability\u003c/strong\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Verify Identity Access 11.0 - 11.0.2\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://www.ibm.com/support/pages/download-ibm-verify-identity-access-v1103\" rel=\"nofollow\"\u003eDownload IBM Verify Identity Access v11.0.3\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Security Verify Access 10.0 0 - 10.0.9.1\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Security+Verify+Access\u0026amp;fixids=10.0.9-ISS-ISVA-FP0002\u0026amp;source=SAR\" rel=\"nofollow\"\u003eDownload IBM Security Verify Access v10.0.9.2\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/thead\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eContainer:\u003c/strong\u003e\u003c/p\u003e\u003cp\u003e\u003ca href=\"https://docs.verify.ibm.com/ibm-security-verify-access/docs/containers\" rel=\"nofollow\"\u003eContainer Download\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM encourages customers to update their systems promptly.\n\n\n\n\n\n\n\nAppliance:\n\n\n\nAffected Products and Versions\n\n\n\nFix availability\n\n\n\nIBM Verify Identity Access 11.0 - 11.0.2\n\n\n\n Download IBM Verify Identity Access v11.0.3 https://www.ibm.com/support/pages/download-ibm-verify-identity-access-v1103 \n\n\n\nIBM Security Verify Access 10.0 0 - 10.0.9.1\n\n\n\n Download IBM Security Verify Access v10.0.9.2 https://www.ibm.com/support/fixcentral/quickorder \n\n\n\n\n\n\n\n\n\nContainer:\n\n\n\n Container Download https://docs.verify.ibm.com/ibm-security-verify-access/docs/containers"
            }
          ],
          "title": "Security vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-4938",
        "datePublished": "2026-07-17T19:34:14.956Z",
        "dateReserved": "2026-03-26T21:00:56.474Z",
        "dateUpdated": "2026-07-17T19:34:14.956Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-4942 (GCVE-0-2026-4942)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:32 – Updated: 2026-07-17 19:32
    VLAI
    Title
    IBM i is Affected by Algorithm Downgrade in Transport Layer Security []
    Summary
    IBM i 7.6, 7.5, 7.4, and 7.3 could allow a remote attacker to send a specifically crafted message and downgrade the Transport Layer Security (TLS) protocol to a version disabled in the server configuration.
    CWE
    • CWE-757 - Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7278992 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM i Affected: 7.6
    Affected: 7.5
    Affected: 7.4
    Affected: 7.3
        cpe:2.3:a:ibm:i:7.6:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:i:7.6.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:i:7.5:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:i:7.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:i:7.4:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:i:7.4.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:i:7.3:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:i:7.3.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:i:7.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:i:7.6.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:i:7.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:i:7.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:i:7.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:i:7.4.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:i:7.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:i:7.3.0:*:*:*:*:*:*:*"
              ],
              "product": "i",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.6"
                },
                {
                  "status": "affected",
                  "version": "7.5"
                },
                {
                  "status": "affected",
                  "version": "7.4"
                },
                {
                  "status": "affected",
                  "version": "7.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM i 7.6, 7.5, 7.4, and 7.3 could allow a remote attacker to send a specifically crafted message and downgrade the Transport Layer Security (TLS) protocol to a version disabled in the server configuration.\u003c/p\u003e"
                }
              ],
              "value": "IBM i 7.6, 7.5, 7.4, and 7.3 could allow a remote attacker to send a specifically crafted message and downgrade the Transport Layer Security (TLS) protocol to a version disabled in the server configuration."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-757",
                  "description": "CWE-757 Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:32:02.440Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7278992"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003ctable\u003e\u003ccolgroup\u003e\u003ccol/\u003e\u003ccol/\u003e\u003ccol/\u003e\u003c/colgroup\u003e\u003cthead\u003e\u003ctr\u003e\u003ctd\u003e\u003cstrong\u003eIBM i Release\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003e5770-SS1\u003cbr/\u003ePTF Number(s)\u003c/strong\u003e\u003c/td\u003e\u003ctd\u003e\u003cstrong\u003ePTF Download Link(s)\u003c/strong\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e7.6\u003c/td\u003e\u003ctd\u003eMJ09141\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=MJ09141\" rel=\"noopener noreferrer nofollow\"\u003ehttps://www.ibm.com/mysupport/s/fix-information?legacy=MJ09141\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e7.5\u003c/td\u003e\u003ctd\u003eMJ09140\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=MJ09140\" rel=\"noopener noreferrer nofollow\"\u003ehttps://www.ibm.com/mysupport/s/fix-information?legacy=MJ09140\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e7.4\u003c/td\u003e\u003ctd\u003eMJ09139\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=MJ09139\" rel=\"noopener noreferrer nofollow\"\u003ehttps://www.ibm.com/mysupport/s/fix-information?legacy=MJ09139\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e7.3\u003c/td\u003e\u003ctd\u003eMJ09138\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=MJ09138\" rel=\"noopener noreferrer nofollow\"\u003ehttps://www.ibm.com/mysupport/s/fix-information?legacy=MJ09138\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003eIBM recommends users running unsupported versions of affected products upgrade to a supported and fixed version of affected products.\u003c/p\u003e"
                }
              ],
              "value": "IBM i Release5770-SS1\nPTF Number(s)PTF Download Link(s)7.6MJ09141 https://www.ibm.com/mysupport/s/fix-information?legacy=MJ09141 7.5MJ09140 https://www.ibm.com/mysupport/s/fix-information?legacy=MJ09140 7.4MJ09139 https://www.ibm.com/mysupport/s/fix-information?legacy=MJ09139 7.3MJ09138 https://www.ibm.com/mysupport/s/fix-information?legacy=MJ09138 \n\n\n\nIBM recommends users running unsupported versions of affected products upgrade to a supported and fixed version of affected products."
            }
          ],
          "title": "IBM i is Affected by Algorithm Downgrade in Transport Layer Security []",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-4942",
        "datePublished": "2026-07-17T19:32:02.440Z",
        "dateReserved": "2026-03-26T21:14:44.344Z",
        "dateUpdated": "2026-07-17T19:32:02.440Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-7364 (GCVE-0-2026-7364)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:31 – Updated: 2026-07-17 19:31
    VLAI
    Title
    Security vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access
    Summary
    IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 and IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially crafted request to redirect a victim to arbitrary Web sites.
    CWE
    • CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279510 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Verify Identity Access Affected: 11.0 , ≤ 11.0.2 (semver)
        cpe:2.3:a:ibm:verify_identity_access:11.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:verify_identity_access:11.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:verify_identity_access:11.0.2:*:*:*:*:*:*:*
    Create a notification for this product.
    IBM Security Verify Access Affected: 10.0 , ≤ 10.0.9.1 (semver)
        cpe:2.3:a:ibm:security_verify_access:10.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:security_verify_access:10.0.9.1:*:*:*:*:*:*:*
    Create a notification for this product.
    IBM Verify Identity Access Container Affected: 11.0 , ≤ 11.0.2 (semver)
        cpe:2.3:a:ibm:verify_identity_access_container:11.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:verify_identity_access_container:11.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:verify_identity_access_container:11.0.2:*:*:*:*:*:*:*
    Create a notification for this product.
    IBM Security Verify Access Container Affected: 10.0 , ≤ 10.0.9.1 (semver)
        cpe:2.3:a:ibm:security_verify_access_container:10.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:security_verify_access_container:10.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:security_verify_access_container:10.0.9.1:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:verify_identity_access:11.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:verify_identity_access:11.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:verify_identity_access:11.0.2:*:*:*:*:*:*:*"
              ],
              "product": "Verify Identity Access",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.2",
                  "status": "affected",
                  "version": "11.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:ibm:security_verify_access:10.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:security_verify_access:10.0.9.1:*:*:*:*:*:*:*"
              ],
              "product": "Security Verify Access",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "10.0.9.1",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:ibm:verify_identity_access_container:11.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:verify_identity_access_container:11.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:verify_identity_access_container:11.0.2:*:*:*:*:*:*:*"
              ],
              "product": "Verify Identity Access Container",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.2",
                  "status": "affected",
                  "version": "11.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:ibm:security_verify_access_container:10.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:security_verify_access_container:10.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:security_verify_access_container:10.0.9.1:*:*:*:*:*:*:*"
              ],
              "product": "Security Verify Access Container",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "10.0.9.1",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 and IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially crafted request to redirect a victim to arbitrary Web sites.\u003c/p\u003e"
                }
              ],
              "value": "IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 and IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially crafted request to redirect a victim to arbitrary Web sites."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-601",
                  "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:31:02.236Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279510"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003cstrong\u003eIBM encourages customers to update their systems promptly.\u003c/strong\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eAppliance:\u003c/strong\u003e\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cstrong\u003eAffected Products and Versions\u003c/strong\u003e\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003cstrong\u003eFix availability\u003c/strong\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Verify Identity Access 11.0 - 11.0.2\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://www.ibm.com/support/pages/download-ibm-verify-identity-access-v1103\" rel=\"nofollow\"\u003eDownload IBM Verify Identity Access v11.0.3\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Security Verify Access 10.0 0 - 10.0.9.1\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Security+Verify+Access\u0026amp;fixids=10.0.9-ISS-ISVA-FP0002\u0026amp;source=SAR\" rel=\"nofollow\"\u003eDownload IBM Security Verify Access v10.0.9.2\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/thead\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eContainer:\u003c/strong\u003e\u003c/p\u003e\u003cp\u003e\u003ca href=\"https://docs.verify.ibm.com/ibm-security-verify-access/docs/containers\" rel=\"nofollow\"\u003eContainer Download\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM encourages customers to update their systems promptly.Appliance:Affected Products and VersionsFix availabilityIBM Verify Identity Access 11.0 - 11.0.2Download IBM Verify Identity Access v11.0.3IBM Security Verify Access 10.0 0 - 10.0.9.1Download IBM Security Verify Access v10.0.9.2Container:Container Download"
            }
          ],
          "title": "Security vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-7364",
        "datePublished": "2026-07-17T19:31:02.236Z",
        "dateReserved": "2026-04-28T20:43:22.842Z",
        "dateUpdated": "2026-07-17T19:31:02.236Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-7667 (GCVE-0-2026-7667)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:21 – Updated: 2026-07-17 19:21
    VLAI
    Title
    Path Traversal Vulnerability in API Request Component Content-Disposition Header Processing
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.0 allows an authenticated attacker to create a malicious flow pointing to an attacker-controlled URL that returns a specially crafted Content-Disposition header (e.g., filename="../../../target/path" ), enabling arbitrary file write operations with attacker-controlled content to any path accessible by the Langflow process.
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7278931 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.0 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.0",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.0 allows an authenticated attacker to create a malicious flow pointing to an attacker-controlled URL that returns a specially crafted Content-Disposition header (e.g., filename=\"../../../target/path\" ), enabling arbitrary file write operations with attacker-controlled content to any path accessible by the Langflow process.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.0 allows an authenticated attacker to create a malicious flow pointing to an attacker-controlled URL that returns a specially crafted Content-Disposition header (e.g., filename=\"../../../target/path\" ), enabling arbitrary file write operations with attacker-controlled content to any path accessible by the Langflow process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:21:41.231Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7278931"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.1\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading Langflow OSS to version 1.10.1"
            }
          ],
          "title": "Path Traversal Vulnerability in API Request Component Content-Disposition Header Processing",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-7667",
        "datePublished": "2026-07-17T19:21:41.231Z",
        "dateReserved": "2026-05-01T20:06:08.386Z",
        "dateUpdated": "2026-07-17T19:21:41.231Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-7754 (GCVE-0-2026-7754)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:19 – Updated: 2026-07-17 19:41
    VLAI
    Title
    SSRF Protection Configuration Vulnerability
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.0 Langflow 1.9.0 could allow server-side request forgery (SSRF) due to insecure default configuration and incomplete enforcement of the SSRF protection mechanism.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7278930 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.0 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-7754",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T19:41:00.760534Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T19:41:12.962Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.0",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.0 Langflow 1.9.0 could allow server-side request forgery (SSRF) due to insecure default configuration and incomplete enforcement of the SSRF protection mechanism.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.0 Langflow 1.9.0 could allow server-side request forgery (SSRF) due to insecure default configuration and incomplete enforcement of the SSRF protection mechanism."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:19:24.794Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7278930"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.1\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading  Langflow OSS to version 1.10.1 https://pypi.org/project/langflow/"
            }
          ],
          "title": "SSRF Protection Configuration Vulnerability",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-7754",
        "datePublished": "2026-07-17T19:19:24.794Z",
        "dateReserved": "2026-05-04T02:59:50.681Z",
        "dateUpdated": "2026-07-17T19:41:12.962Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-7755 (GCVE-0-2026-7755)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:18 – Updated: 2026-07-17 23:15
    VLAI
    Title
    MCP Server Configuration Validator Bypass via File Upload API
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow remote code execution due to incomplete validation enforcement on MCP server configuration files.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7278932 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.0 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-7755",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T20:05:27.959163Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T23:15:17.947Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.0",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow remote code execution due to incomplete validation enforcement on MCP server configuration files.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow remote code execution due to incomplete validation enforcement on MCP server configuration files."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:18:26.904Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7278932"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.1\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading  Langflow OSS to version 1.10.1 https://pypi.org/project/langflow/"
            }
          ],
          "title": "MCP Server Configuration Validator Bypass via File Upload API",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-7755",
        "datePublished": "2026-07-17T19:18:26.904Z",
        "dateReserved": "2026-05-04T03:09:10.217Z",
        "dateUpdated": "2026-07-17T23:15:17.947Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-7771 (GCVE-0-2026-7771)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:16 – Updated: 2026-07-17 19:16
    VLAI
    Title
    IBM® Db2® is vulnerable to a trap when compiling specially crafted statements containing subqueries could lead to a denial of service
    Summary
    IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a trap when compiling a specially crafted statements containing subqueries could lead to a denial of service.
    CWE
    • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279480 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Db2 Affected: 11.5.0 , ≤ 11.5.9 (semver)
    Affected: 12.1.0 , ≤ 12.1.4 (semver)
        cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:db2:12.1.4:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:db2:11.5.9:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:db2:12.1.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:db2:12.1.4:*:*:*:*:*:*:*"
              ],
              "product": "Db2",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "11.5.9",
                  "status": "affected",
                  "version": "11.5.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.1.4",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a trap when compiling a specially crafted statements containing subqueries could lead to a denial of service.\u003c/p\u003e"
                }
              ],
              "value": "IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a trap when compiling a specially crafted statements containing subqueries could lead to a denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-835",
                  "description": "CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:16:03.169Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279480"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003cbr/\u003eCustomers running any vulnerable modpack level of an affected Program,V11.5, and V12.1, can download the special build containing the interim fix for this issue from Fix Central. These special builds are available based on the most recent level for each impacted release: V11.5.9, and V12.1.4. They can be applied to any affected level of the appropriate release to remediate this vulnerability.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eRelease\u003c/td\u003e\u003ctd\u003eFixed in mod pack\u003c/td\u003e\u003ctd\u003eAPAR\u003c/td\u003e\u003ctd\u003eDownload URL\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eV11.5\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eTBD\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://www.ibm.com/mysupport/s/defect/aCIgJ000000DDib/dt469374\" rel=\"nofollow\"\u003eDT469374\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003eSpecial Build #87098 or later for V11.5.9 available at this link:\u003cbr/\u003e\u003ca href=\"https://www.ibm.com/support/pages/node/7087189\" rel=\"nofollow\"\u003ehttps://www.ibm.com/support/pages/node/7087189\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eV12.1\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e12.1.5\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003ca href=\"https://www.ibm.com/mysupport/s/defect/aCIgJ000000DDib/dt469374\" rel=\"nofollow\"\u003eDT469374\u003c/a\u003e\u003cbr/\u003e\u003cp\u003e\u003c/p\u003e\u003c/td\u003e\u003ctd\u003eSpecial Build #87349 or later for V12.1.4 available at this link:\u003cbr/\u003e\u003ca href=\"https://www.ibm.com/support/pages/node/7267513\" rel=\"nofollow\"\u003ehttps://www.ibm.com/support/pages/node/7267513\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003eIBM does not disclose key Db2 functionality nor replication steps for a vulnerability to avoid providing too much information to any potential malicious attacker. IBM does not want to enable a malicious attacker with sufficient knowledge to craft an exploit of the vulnerability.\u003c/p\u003e"
                }
              ],
              "value": "Customers running any vulnerable modpack level of an affected Program,V11.5, and V12.1, can download the special build containing the interim fix for this issue from Fix Central. These special builds are available based on the most recent level for each impacted release: V11.5.9, and V12.1.4. They can be applied to any affected level of the appropriate release to remediate this vulnerability.\n\n\n\n\n\nReleaseFixed in mod packAPARDownload URL\n\nV11.5\n\n\n\nTBD\n\n\n\n https://www.ibm.com/support/pages/node/7087189 \n\n\n\nV12.1\n\n\n\n\n\n\n\n12.1.5\n\n\n\n\n\n https://www.ibm.com/support/pages/node/7267513 \n\n\n\nIBM does not disclose key Db2 functionality nor replication steps for a vulnerability to avoid providing too much information to any potential malicious attacker. IBM does not want to enable a malicious attacker with sufficient knowledge to craft an exploit of the vulnerability."
            }
          ],
          "title": "IBM\u00ae Db2\u00ae is vulnerable to a trap when compiling specially crafted statements containing subqueries could lead to a denial of service",
          "workarounds": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eEnsure that the query is applying the predicates as intended.\u003c/p\u003e"
                }
              ],
              "value": "Ensure that the query is applying the predicates as intended."
            }
          ],
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-7771",
        "datePublished": "2026-07-17T19:16:03.169Z",
        "dateReserved": "2026-05-04T14:17:26.954Z",
        "dateUpdated": "2026-07-17T19:16:03.169Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-7872 (GCVE-0-2026-7872)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:15 – Updated: 2026-07-17 19:15
    VLAI
    Title
    Path Traversal Vulnerability in File Component Leading to Arbitrary File Read and Authentication Bypass
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.0 allows an authenticated attacker to read arbitrary files including the JWT signing key and forge authentication tokens for any user.
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7278934 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.0 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.0",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.0 allows an authenticated attacker to read arbitrary files including the JWT signing key and forge authentication tokens for any user.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.0 allows an authenticated attacker to read arbitrary files including the JWT signing key and forge authentication tokens for any user."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:15:11.349Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7278934"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.1\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading  Langflow OSS to version 1.10.1 https://pypi.org/project/langflow/"
            }
          ],
          "title": "Path Traversal Vulnerability in File Component Leading to Arbitrary File Read and Authentication Bypass",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-7872",
        "datePublished": "2026-07-17T19:15:11.349Z",
        "dateReserved": "2026-05-05T14:17:00.630Z",
        "dateUpdated": "2026-07-17T19:15:11.349Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8056 (GCVE-0-2026-8056)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:13 – Updated: 2026-07-17 19:13
    VLAI
    Title
    Parameter Injection Vulnerability in API Graph Execution Engine
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to override component parameters at runtime via the API. A critical security flaw exists in the parameter filtering mechanism within the `apply_tweaks()` function.
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7278933 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.0 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.0",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to override component parameters at runtime via the API. A critical security flaw exists in the parameter filtering mechanism within the `apply_tweaks()` function.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to override component parameters at runtime via the API. A critical security flaw exists in the parameter filtering mechanism within the `apply_tweaks()` function."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:13:12.736Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7278933"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.1\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading  Langflow OSS to version 1.10.1 https://pypi.org/project/langflow/"
            }
          ],
          "title": "Parameter Injection Vulnerability in API Graph Execution Engine",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-8056",
        "datePublished": "2026-07-17T19:13:12.736Z",
        "dateReserved": "2026-05-06T20:34:29.582Z",
        "dateUpdated": "2026-07-17T19:13:12.736Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8476 (GCVE-0-2026-8476)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:11 – Updated: 2026-07-17 19:11
    VLAI
    Title
    Disk Cache Deserialization Remote Code Execution Vulnerability
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in the disk-based caching mechanism. The AsyncDiskCache class uses Python's unsafe pickle.loads() function to deserialize cached objects from disk without validation, integrity verification, or authentication, enabling arbitrary code execution when malicious pickle payloads are processed. Attackers who can influence cached data through file system access, malicious workflow inputs, custom components, or API manipulation can achieve complete system compromise with the privileges of the Langflow server process.
    CWE
    • CWE-502 - Deserialization of Untrusted Data
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7278922 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.0 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    zdi-disclosures
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.0",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "zdi-disclosures"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in the disk-based caching mechanism. The AsyncDiskCache class\u0026nbsp;uses Python\u0027s unsafe pickle.loads() function to deserialize cached objects from disk without validation, integrity verification, or authentication, enabling arbitrary code execution when malicious pickle payloads are processed. Attackers who can influence cached data through file system access, malicious workflow inputs, custom components, or API manipulation can achieve complete system compromise with the privileges of the Langflow server process.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in the disk-based caching mechanism. The AsyncDiskCache class\u00a0uses Python\u0027s unsafe pickle.loads() function to deserialize cached objects from disk without validation, integrity verification, or authentication, enabling arbitrary code execution when malicious pickle payloads are processed. Attackers who can influence cached data through file system access, malicious workflow inputs, custom components, or API manipulation can achieve complete system compromise with the privileges of the Langflow server process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-502",
                  "description": "CWE-502 Deserialization of Untrusted Data",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:11:04.751Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7278922"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.1\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading  Langflow OSS to version 1.10.1 https://pypi.org/project/langflow/"
            }
          ],
          "title": "Disk Cache Deserialization Remote Code Execution Vulnerability",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-8476",
        "datePublished": "2026-07-17T19:11:04.751Z",
        "dateReserved": "2026-05-13T13:17:17.664Z",
        "dateUpdated": "2026-07-17T19:11:04.751Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8481 (GCVE-0-2026-8481)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:10 – Updated: 2026-07-17 19:40
    VLAI
    Title
    Remote Code Execution via Code Validation Endpoint
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in the code validation API endpoint. The POST /api/v1/validate/code endpoint accepts user-supplied Python code and executes it directly using Python's built-in exec() function without sandboxing, input validation, or privilege restrictions, enabling any authenticated user to execute arbitrary system commands with the full privileges of the Langflow server process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7278923 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.0 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Kim SooHyun (im-soohyun)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8481",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T19:40:33.659580Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T19:40:47.943Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.0",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Kim SooHyun (im-soohyun)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in the code validation API endpoint.\u0026nbsp;The POST /api/v1/validate/code endpoint accepts user-supplied Python code and executes it directly using Python\u0027s built-in exec() function without sandboxing, input validation, or privilege restrictions, enabling any authenticated user to execute arbitrary system commands with the full privileges of the Langflow server process.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.0 contain a critical remote code execution vulnerability in the code validation API endpoint.\u00a0The POST /api/v1/validate/code endpoint accepts user-supplied Python code and executes it directly using Python\u0027s built-in exec() function without sandboxing, input validation, or privilege restrictions, enabling any authenticated user to execute arbitrary system commands with the full privileges of the Langflow server process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:10:39.229Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7278923"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.1\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading  Langflow OSS to version 1.10.1 https://pypi.org/project/langflow/"
            }
          ],
          "title": "Remote Code Execution via Code Validation Endpoint",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-8481",
        "datePublished": "2026-07-17T19:10:39.229Z",
        "dateReserved": "2026-05-13T13:52:34.784Z",
        "dateUpdated": "2026-07-17T19:40:47.943Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8505 (GCVE-0-2026-8505)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:06 – Updated: 2026-07-17 23:15
    VLAI
    Title
    Authentication Bypass in Webhook Endpoints Allowed Unauthorized Flow Execution
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow's webhook authentication logic allows unauthenticated users to trigger the execution of any flow. The system incorrectly bypasses API key validation when the WEBHOOK_AUTH_ENABLE configuration is set to False (which is the default setting). This allows a remote attacker who knows a flow's UUID to execute it as if they were the owner, potentially leading to Remote Code Execution (RCE).
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7278921 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.0 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Edward-x (YLChen-007)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8505",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-17T20:05:54.903179Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-17T23:15:27.248Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.0",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Edward-x (YLChen-007)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow\u0027s webhook authentication logic allows unauthenticated users to trigger the execution of any flow. The system incorrectly bypasses API key validation when the WEBHOOK_AUTH_ENABLE configuration is set to False (which is the default setting). This allows a remote attacker who knows a flow\u0027s UUID to execute it as if they were the owner, potentially leading to Remote Code Execution (RCE).\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow\u0027s webhook authentication logic allows unauthenticated users to trigger the execution of any flow. The system incorrectly bypasses API key validation when the WEBHOOK_AUTH_ENABLE configuration is set to False (which is the default setting). This allows a remote attacker who knows a flow\u0027s UUID to execute it as if they were the owner, potentially leading to Remote Code Execution (RCE)."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:06:00.986Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7278921"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.1\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading  Langflow OSS to version 1.10.1 https://pypi.org/project/langflow/"
            }
          ],
          "title": "Authentication Bypass in Webhook Endpoints Allowed Unauthorized Flow Execution",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-8505",
        "datePublished": "2026-07-17T19:06:00.986Z",
        "dateReserved": "2026-05-13T22:04:50.617Z",
        "dateUpdated": "2026-07-17T23:15:27.248Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8635 (GCVE-0-2026-8635)

    Vulnerability from cvelistv5 – Published: 2026-07-17 19:02 – Updated: 2026-07-17 19:02
    VLAI
    Title
    Arbitrary Code Execution in Python Interpreter Component
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to superuser by directly manipulating the database, execute arbitrary system commands, and achieve full system compromise with Langflow service permissions.
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7278925 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.0 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    XlabAI (XlabAITeam) xlabai@tencent.com
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.0",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "XlabAI (XlabAITeam) xlabai@tencent.com"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to superuser by directly manipulating the database, execute arbitrary system commands, and achieve full system compromise with Langflow service permissions.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to superuser by directly manipulating the database, execute arbitrary system commands, and achieve full system compromise with Langflow service permissions."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T19:02:03.977Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7278925"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.1\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading  Langflow OSS to version 1.10.1 https://pypi.org/project/langflow/"
            }
          ],
          "title": "Arbitrary Code Execution in Python Interpreter Component",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-8635",
        "datePublished": "2026-07-17T19:02:03.977Z",
        "dateReserved": "2026-05-14T19:17:56.124Z",
        "dateUpdated": "2026-07-17T19:02:03.977Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8859 (GCVE-0-2026-8859)

    Vulnerability from cvelistv5 – Published: 2026-07-17 18:58 – Updated: 2026-07-17 18:58
    VLAI
    Title
    Path Traversal in APIRequest Component via Content-Disposition Header
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow an attacker to write arbitrary files to unintended locations due to improper input validation in the APIRequest component. A path traversal vulnerability exists when the "Save to File" feature is enabled, where filenames extracted from HTTP response Content-Disposition headers are not sanitized before being joined to the temporary directory path. An attacker controlling an external HTTP server can supply crafted filename values containing path traversal sequences (e.g., ../), enabling arbitrary file writes to locations accessible by the Langflow process.
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7278924 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.0 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Shawn Dong (DongShuaike)
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.0",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Shawn Dong (DongShuaike)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow an attacker to write arbitrary files to unintended locations due to improper input validation in the APIRequest component. A path traversal vulnerability exists when the \"Save to File\" feature is enabled, where filenames extracted from HTTP response Content-Disposition headers are not sanitized before being joined to the temporary directory path. An attacker controlling an external HTTP server can supply crafted filename values containing path traversal sequences (e.g., ../), enabling arbitrary file writes to locations accessible by the Langflow process.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow an attacker to write arbitrary files to unintended locations due to improper input validation in the APIRequest component. A path traversal vulnerability exists when the \"Save to File\" feature is enabled, where filenames extracted from HTTP response Content-Disposition headers are not sanitized before being joined to the temporary directory path. An attacker controlling an external HTTP server can supply crafted filename values containing path traversal sequences (e.g., ../), enabling arbitrary file writes to locations accessible by the Langflow process."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T18:58:13.948Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7278924"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.1\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading  Langflow OSS to version 1.10.1 https://pypi.org/project/langflow/"
            }
          ],
          "title": "Path Traversal in APIRequest Component via Content-Disposition Header",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-8859",
        "datePublished": "2026-07-17T18:58:13.948Z",
        "dateReserved": "2026-05-18T18:20:51.714Z",
        "dateUpdated": "2026-07-17T18:58:13.948Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8861 (GCVE-0-2026-8861)

    Vulnerability from cvelistv5 – Published: 2026-07-17 18:54 – Updated: 2026-07-17 18:54
    VLAI
    Title
    Security vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access
    Summary
    IBM Security Verify could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.  This information could be used in further attacks against the system.
    CWE
    • CWE-209 - Generation of Error Message Containing Sensitive Information
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7279510 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Verify Identity Access Affected: 11.0 , ≤ 11.0.2 (semver)
        cpe:2.3:a:ibm:verify_identity_access:11.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:verify_identity_access:11.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:verify_identity_access:11.0.2:*:*:*:*:*:*:*
    Create a notification for this product.
    IBM Security Verify Access Affected: 10.0 , ≤ 10.0.9.1 (semver)
        cpe:2.3:a:ibm:security_verify_access:10.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:security_verify_access:10.0.9.1:*:*:*:*:*:*:*
    Create a notification for this product.
    IBM Verify Identity Access Container Affected: 11.0 , ≤ 11.0.2 (semver)
        cpe:2.3:a:ibm:verify_identity_access_container:11.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:verify_identity_access_container:11.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:verify_identity_access_container:11.0.2:*:*:*:*:*:*:*
    Create a notification for this product.
    IBM Security Verify Access Container Affected: 10.0 , ≤ 10.0.9.1 (semver)
        cpe:2.3:a:ibm:security_verify_access_container:10.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:security_verify_access_container:10.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:security_verify_access_container:10.0.9.1:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:verify_identity_access:11.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:verify_identity_access:11.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:verify_identity_access:11.0.2:*:*:*:*:*:*:*"
              ],
              "product": "Verify Identity Access",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.2",
                  "status": "affected",
                  "version": "11.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:ibm:security_verify_access:10.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:security_verify_access:10.0.9.1:*:*:*:*:*:*:*"
              ],
              "product": "Security Verify Access",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "10.0.9.1",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:ibm:verify_identity_access_container:11.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:verify_identity_access_container:11.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:verify_identity_access_container:11.0.2:*:*:*:*:*:*:*"
              ],
              "product": "Verify Identity Access Container",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.2",
                  "status": "affected",
                  "version": "11.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:ibm:security_verify_access_container:10.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:security_verify_access_container:10.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:security_verify_access_container:10.0.9.1:*:*:*:*:*:*:*"
              ],
              "product": "Security Verify Access Container",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "10.0.9.1",
                  "status": "affected",
                  "version": "10.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Security Verify could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.\u0026nbsp; This information could be used in further attacks against the system.\u003c/p\u003e"
                }
              ],
              "value": "IBM Security Verify could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.\u00a0 This information could be used in further attacks against the system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-209",
                  "description": "CWE-209 Generation of Error Message Containing Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T18:54:36.296Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7279510"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003e\u003cstrong\u003eIBM encourages customers to update their systems promptly.\u003c/strong\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eAppliance:\u003c/strong\u003e\u003c/p\u003e\u003cdiv\u003e\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003e\u003cstrong\u003eAffected Products and Versions\u003c/strong\u003e\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003cstrong\u003eFix availability\u003c/strong\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Verify Identity Access 11.0 - 11.0.2\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://www.ibm.com/support/pages/download-ibm-verify-identity-access-v1103\" rel=\"nofollow\"\u003eDownload IBM Verify Identity Access v11.0.3\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u003cp\u003eIBM Security Verify Access 10.0 0 - 10.0.9.1\u003c/p\u003e\u003c/td\u003e\u003ctd\u003e\u003cp\u003e\u003ca href=\"https://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Security+Verify+Access\u0026amp;fixids=10.0.9-ISS-ISVA-FP0002\u0026amp;source=SAR\" rel=\"nofollow\"\u003eDownload IBM Security Verify Access v10.0.9.2\u003c/a\u003e\u003c/p\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/thead\u003e\u003c/table\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eContainer:\u003c/strong\u003e\u003c/p\u003e\u003cp\u003e\u003ca href=\"https://docs.verify.ibm.com/ibm-security-verify-access/docs/containers\" rel=\"nofollow\"\u003eContainer Download\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM encourages customers to update their systems promptly.\n\n\n\n\n\n\n\nAppliance:\n\n\n\nAffected Products and Versions\n\n\n\nFix availability\n\n\n\nIBM Verify Identity Access 11.0 - 11.0.2\n\n\n\n Download IBM Verify Identity Access v11.0.3 https://www.ibm.com/support/pages/download-ibm-verify-identity-access-v1103 \n\n\n\nIBM Security Verify Access 10.0 0 - 10.0.9.1\n\n\n\n Download IBM Security Verify Access v10.0.9.2 https://www.ibm.com/support/fixcentral/quickorder \n\n\n\n\n\n\n\n\n\nContainer:\n\n\n\n Container Download https://docs.verify.ibm.com/ibm-security-verify-access/docs/containers"
            }
          ],
          "title": "Security vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-8861",
        "datePublished": "2026-07-17T18:54:36.296Z",
        "dateReserved": "2026-05-18T18:50:49.014Z",
        "dateUpdated": "2026-07-17T18:54:36.296Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9103 (GCVE-0-2026-9103)

    Vulnerability from cvelistv5 – Published: 2026-07-17 18:49 – Updated: 2026-07-17 18:49
    VLAI
    Title
    Unauthenticated Superuser Token Issuance via Auto-Login Endpoint
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access due to improper authentication in the /api/v1/login/auto_login endpoint. The endpoint issues long-lived superuser bearer tokens without requiring authentication when the AUTO_LOGIN configuration is enabled (enabled by default), which may allow an unauthenticated network attacker to obtain full administrative access. Additionally, permissive cross-origin resource sharing (CORS) settings may allow tokens to be exposed to unintended origins, increasing the risk of unauthorized access.
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7278926 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.0 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Bugbunny (bugbunny-research) Bugbunny @bugbunny_ai bugbunny.ai https://x.com/bugbunny_ai
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.0",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Bugbunny  (bugbunny-research) Bugbunny @bugbunny_ai bugbunny.ai https://x.com/bugbunny_ai"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access due to improper authentication in the /api/v1/login/auto_login endpoint. The endpoint issues long-lived superuser bearer tokens without requiring authentication when the AUTO_LOGIN configuration is enabled (enabled by default), which may allow an unauthenticated network attacker to obtain full administrative access. Additionally, permissive cross-origin resource sharing (CORS) settings may allow tokens to be exposed to unintended origins, increasing the risk of unauthorized access.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access due to improper authentication in the /api/v1/login/auto_login endpoint. The endpoint issues long-lived superuser bearer tokens without requiring authentication when the AUTO_LOGIN configuration is enabled (enabled by default), which may allow an unauthenticated network attacker to obtain full administrative access. Additionally, permissive cross-origin resource sharing (CORS) settings may allow tokens to be exposed to unintended origins, increasing the risk of unauthorized access."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306 Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T18:49:43.340Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7278926"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.1\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading  Langflow OSS to version 1.10.1 https://pypi.org/project/langflow/"
            }
          ],
          "title": "Unauthenticated Superuser Token Issuance via Auto-Login Endpoint",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-9103",
        "datePublished": "2026-07-17T18:49:43.340Z",
        "dateReserved": "2026-05-20T16:49:30.512Z",
        "dateUpdated": "2026-07-17T18:49:43.340Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9135 (GCVE-0-2026-9135)

    Vulnerability from cvelistv5 – Published: 2026-07-17 18:48 – Updated: 2026-07-17 18:48
    VLAI
    Title
    Policies Component Dynamic CodeInput Fields Bypass Custom Component Validation
    Summary
    IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit 94981c443d4918517b9e8163d70fc598dc33a32d) contain a code injection vulnerability in the Policies component's ToolGuard integration that bypasses the allow_custom_components=false security control. The vulnerability exists because the validation mechanism only checks the main component source code in node_template["code"]["value"] but fails to validate dynamic CodeInput fields that store generated ToolGuard Python files. Attackers can embed malicious Python code in these unvalidated dynamic fields, which are persisted in Flow.data and later executed server-side when a guarded tool is invoked through the ToolGuard runtime. This allows authenticated users with flow creation privileges to achieve arbitrary Python code execution on the backend despite custom component restrictions. The vulnerability can be escalated through cross-tenant flow manipulation via the agentic MCP update_flow_component_field tool, which accepts attacker-controlled user_id parameters, enabling attackers to inject malicious code into victim users' flows. When combined with publicly accessible flows and specific misconfigurations (AUTO_LOGIN=true, NEW_USER_IS_ACTIVE=true), the attack can be conducted with reduced authentication requirements.
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7278920 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Langflow OSS Affected: 1.0.0 , ≤ 1.10.0 (semver)
        cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:langflow_oss:1.0.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:langflow_oss:1.10.0:*:*:*:*:*:*:*"
              ],
              "product": "Langflow OSS",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "1.10.0",
                  "status": "affected",
                  "version": "1.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit 94981c443d4918517b9e8163d70fc598dc33a32d) contain a code injection vulnerability in the Policies component\u0027s ToolGuard integration that bypasses the allow_custom_components=false security control. The vulnerability exists because the validation mechanism only checks the main component source code in node_template[\"code\"][\"value\"] but fails to validate dynamic CodeInput fields that store generated ToolGuard Python files. Attackers can embed malicious Python code in these unvalidated dynamic fields, which are persisted in Flow.data and later executed server-side when a guarded tool is invoked through the ToolGuard runtime. This allows authenticated users with flow creation privileges to achieve arbitrary Python code execution on the backend despite custom component restrictions. The vulnerability can be escalated through cross-tenant flow manipulation via the agentic MCP update_flow_component_field tool, which accepts attacker-controlled user_id parameters, enabling attackers to inject malicious code into victim users\u0027 flows. When combined with publicly accessible flows and specific misconfigurations (AUTO_LOGIN=true, NEW_USER_IS_ACTIVE=true), the attack can be conducted with reduced authentication requirements.\u003c/p\u003e"
                }
              ],
              "value": "IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit 94981c443d4918517b9e8163d70fc598dc33a32d) contain a code injection vulnerability in the Policies component\u0027s ToolGuard integration that bypasses the allow_custom_components=false security control. The vulnerability exists because the validation mechanism only checks the main component source code in node_template[\"code\"][\"value\"] but fails to validate dynamic CodeInput fields that store generated ToolGuard Python files. Attackers can embed malicious Python code in these unvalidated dynamic fields, which are persisted in Flow.data and later executed server-side when a guarded tool is invoked through the ToolGuard runtime. This allows authenticated users with flow creation privileges to achieve arbitrary Python code execution on the backend despite custom component restrictions. The vulnerability can be escalated through cross-tenant flow manipulation via the agentic MCP update_flow_component_field tool, which accepts attacker-controlled user_id parameters, enabling attackers to inject malicious code into victim users\u0027 flows. When combined with publicly accessible flows and specific misconfigurations (AUTO_LOGIN=true, NEW_USER_IS_ACTIVE=true), the attack can be conducted with reduced authentication requirements."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-17T18:48:55.949Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7278920"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly recommends addressing the vulnerability now by upgrading \u003ca href=\"https://pypi.org/project/langflow/\" rel=\"nofollow\"\u003eLangflow OSS to version 1.10.1\u003c/a\u003e\u003c/p\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading Langflow OSS to version 1.10.1"
            }
          ],
          "title": "Policies Component Dynamic CodeInput Fields Bypass Custom Component Validation",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2026-9135",
        "datePublished": "2026-07-17T18:48:55.949Z",
        "dateReserved": "2026-05-20T18:38:22.538Z",
        "dateUpdated": "2026-07-17T18:48:55.949Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }