CVE search
363,116 resultsCVE-2026-11546HIGHIBM WebSphere Application Server Liberty is affected by a server-side request forgery vulnerabilityEPSS 0.2%CVE-2026-11595MEDIUMIBM WebSphere Application Server is affected by a Path Traversal vulnerabilityEPSS 0.3%CVE-2026-11708CRITICALIBM WebSphere Application Server is affected by a cross-site scripting vulnerabilityEPSS 0.2%CVE-2026-11712CRITICALIBM WebSphere Application Server is affected by a cross-site scripting vulnerabilityEPSS 0.2%CVE-2026-11714HIGHIBM WebSphere Application Server Liberty is affected by an authorization bypass vulnerabilityEPSS 0.2%CVE-2026-11806HIGHIBM WebSphere Application Server Liberty is affected by a an arbitrary file read vulnerabilityEPSS 0.5%CVE-2026-11906MEDIUMIBM® Db2® federated server is vulnerable to a denial of service due to improper neutralization of special elements in the data query logic of XMLTable-derived columns by autheticated userEPSS 0.4%CVE-2026-12084MEDIUMIBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to a Permissive Cross-domain Security Policy with Untrusted DomainsEPSS 0.1%CVE-2026-12085MEDIUMIBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptable to an Insertion of Sensitive Information Into Sent Data vulnerabilityEPSS 0.2%CVE-2026-12086MEDIUMIBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is susceptible to a Insertion of Sensitive Information into Log File VulnerabilityEPSS 0.1%CVE-2026-13449HIGHXXE attack in IBM Business Automation Manager Open EditionsEPSS 0.4%CVE-2026-13759HIGHIBM WebSphere eXtreme Scale is affected by Insecure DeserilizationEPSS 0.3%CVE-2026-13772HIGHIBM WebSphere eXtreme Scale's OQL is affected by remote code executionEPSS 0.3%CVE-2026-13773MEDIUMIBM WebSphere eXtreme Scale is affected by server side request forgery when ORB is used as Transport ProtocolEPSS 3.0%CVE-2026-3602MEDIUMIBM App Connect Enterprise and IBM Integration Bus for z/OS toolkit is vulnerable to an sql injectionEPSS 0.2%CVE-2026-7663CRITICALUnauthenticated Cross-User MCP Resource Access and Tool Execution via Streamable Transport Authorization BypassEPSS 0.2%CVE-2026-7803CRITICALFlow Validation Bypass via Empty Component Type FieldEPSS 0.4%CVE-2026-7871CRITICALInsecure Deserialization in Redis Cache BackendEPSS 0.4%CVE-2026-7873CRITICALCode Injection Vulnerability in Code Validation EndpointEPSS 0.3%CVE-2026-7874CRITICALWeak Cryptographic Key Derivation Exposed All Stored CredentialsEPSS 0.2%