IBM threat watch

IBM product CVE coverage for enterprise software, middleware, security tooling, cloud services, and infrastructure components.

Watch items

Recent IBM watch items

Showing the 20 most recent items, newest first. Each row links to the official advisory.

20 rows · sorted newest first

Operations view

i vulnerability (CVE-2026-10852)

HIGH
watchNVDCVE-2026-10852

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server.

Jun 22, 2026, 3:16 PMOfficial source

i vulnerability (CVE-2026-9072)

CRITICAL
watchNVDCVE-2026-9072

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty - when using Intelligent Management with the WebSphere WebServer Plug-in component - are vulnerable to remote code execution and denial of service. This vulnerability can be exploited when an attacker impersonates backend servers and sends crafted responses to the plug-in.

Jun 22, 2026, 11:16 AMOfficial source

websphere application server vulnerability (CVE-2026-9006)

CRITICAL
watchNVDCVE-2026-9006

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to server-side request forgery (SSRF) with the Ajax Proxy configured. This may allow an attacker to send unauthorized requests from the system, resulting in a security bypass or information disclosure.

Jun 22, 2026, 11:16 AMOfficial source

i vulnerability (CVE-2026-8858)

HIGH
watchNVDCVE-2026-8858

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to remote code execution and denial of service in the WebSphere Web Server Plug-in component. This vulnerability can be exploited when an attacker impersonates the application server and sends crafted responses to the plug-in.

Jun 22, 2026, 11:16 AMOfficial source

websphere application server vulnerability (CVE-2026-8646)

CRITICAL
watchNVDCVE-2026-8646

IBM WebSphere Application Server 9.0 and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are vulnerable to HTTP request smuggling. A remote attacker could smuggle a specially crafted request to the application server thereby allowing the attacker to bypass security controls, spoof identity, escalate privilege, and expose sensitive information.

Jun 22, 2026, 11:16 AMOfficial source

datacap vulnerability (CVE-2026-8636)

HIGH
watchNVDCVE-2026-8636

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys to decrypt password, gain access to the application and access sensitive data in the database.

Jun 22, 2026, 11:16 AMOfficial source

watson speech services cartridge vulnerability (CVE-2026-7253)

HIGH
watchNVDCVE-2026-7253

IBM Watson Speech Services Cartridge is vulnerable to Server-Side Request Forgery (SSRF) in Sterling File Gateway, due to a flaw which may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks [GHSA-rr7j-v2q5-chgv] [CVE-2026-7253]. IBM Sterling File Gateway is used in our speech runtimes. This vulnerabilitiy has been addressed. Please read the details for remediation below.

Jun 22, 2026, 11:16 AMOfficial source

i vulnerability (CVE-2026-7870)

HIGH
watchNVDCVE-2026-7870

IBM i 7.6, 7.5, 7.4, and 7.3 could allow a user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege.

Jun 11, 2026, 11:16 AMOfficial source

websphere application server vulnerability (CVE-2026-9330)

HIGH
watchNVDCVE-2026-9330

IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using the SAML Web Single Sign-On component. This could result in remote code execution via a crafted HTTP request when combined with a suitable gadget chain.

Jun 1, 2026, 2:16 PMOfficial source

websphere application server vulnerability (CVE-2026-9319)

CRITICAL
watchNVDCVE-2026-9319

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data via JAX-WS endpoints with WS-Security.

Jun 1, 2026, 2:16 PMOfficial source

websphere application server vulnerability (CVE-2026-9311)

CRITICAL
watchNVDCVE-2026-9311

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls.

Jun 1, 2026, 2:16 PMOfficial source

websphere application server vulnerability (CVE-2026-8644)

CRITICAL
watchNVDCVE-2026-8644

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing.

Jun 1, 2026, 2:16 PMOfficial source

aspera high-speed transfer endpoint vulnerability (CVE-2026-8180)

HIGH
watchNVDCVE-2026-8180

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a potential denial of service in the asperahttpd component. An unauthenticated user can cause the asperahttpd service to crash.

May 27, 2026, 9:17 AMOfficial source

aspera high-speed transfer endpoint vulnerability (CVE-2026-8179)

HIGH
watchNVDCVE-2026-8179

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could allow an authenticated user to execute arbitrary code on the system.

May 27, 2026, 9:17 AMOfficial source

aspera high-speed transfer endpoint vulnerability (CVE-2026-8175)

CRITICAL
watchNVDCVE-2026-8175

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could be exploited to cause a denial of service and potentially lead to authentication bypass or remote code execution.

May 27, 2026, 9:17 AMOfficial source

aspera high-speed transfer server for cloud pak for integration vulnerability (CVE-2026-7876)

CRITICAL
watchNVDCVE-2026-7876

IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19 is affected by an authentication bypass vulnerability. A transfer client may be able to take advantage of this vulnerability to access files in the server's local storage that they should not have access to, when specific restriction settings are not in place.

May 27, 2026, 9:17 AMOfficial source

operations analytics log analysis vulnerability (CVE-2026-7365)

HIGH
watchNVDCVE-2026-7365

IBM Operations Analytics - Log Analysis  and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.

May 27, 2026, 9:17 AMOfficial source

db2 vulnerability (CVE-2026-6938)

HIGH
watchNVDCVE-2026-6938

IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query.

May 27, 2026, 9:17 AMOfficial source

db2 vulnerability (CVE-2026-6052)

HIGH
watchNVDCVE-2026-6052

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when executing certain queries with MDC tables.

May 27, 2026, 9:17 AMOfficial source

db2 vulnerability (CVE-2026-6051)

HIGH
watchNVDCVE-2026-6051

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap.

May 27, 2026, 9:17 AMOfficial source

Vendor watch hub

What this page covers

The IBMwatch hub is a vendor-specific view inside ITECS MSP Threat Radar. We pull the latest security advisories, incidents, and known-exploited CVEs directly from the official feeds below, score each one for MSP relevance, and surface what's most likely to need attention this week.

  • Confirm whether recent IBM activity overlaps with your environment.
  • Prioritize advisories by MSP-relevance score, severity, and status.
  • Turn the signal into an assessment, briefing, or managed-service engagement with ITECS.

At a glance

Tracked

363

Active

7

Featured

65

Unique CVEs

20

Most recent entry

Jun 22, 2026, 3:16 PM

Feed refreshes daily · 5:15 a.m. Central

Sources·CISA KEV and NVD (product vendor coverage)

"Most recent entry" is the newest item the upstream feed has published — not our sync time.

Related vendors

Other cloud vendors in the radar

Vendor watch FAQ

Common questions

What is the IBM threat watch page?

It is the IBM-specific view inside ITECS Threat Radar, built to track recent advisories, incidents, and watch items that may affect Dallas-area business operations.

How should teams use the IBM watch page?

Use it to confirm whether current IBM issues overlap with your environment, prioritize remediation, and decide whether you need an assessment, managed security follow-through, or vendor-specific hardening work.

Can ITECS help respond to IBM security issues?

Yes. ITECS can help map IBM advisories against your systems, validate affected services, prioritize remediation, and connect the issue to broader managed cybersecurity or managed IT workflows.