Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-2436 (GCVE-0-2026-2436)
Vulnerability from cvelistv5 – Published: 2026-03-26 19:31 – Updated: 2026-04-21 16:00
VLAI
EPSS
Title
Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake
Summary
A flaw was found in libsoup's SoupServer. A remote attacker could exploit a use-after-free vulnerability where the `soup_server_disconnect()` function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a dangling pointer is accessed, leading to a server crash and a Denial of Service.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-825 - Expired Pointer Dereference
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://access.redhat.com/security/cve/CVE-2026-2436 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2442909 | issue-trackingx_refsource_REDHAT |
| https://gitlab.gnome.org/GNOME/libsoup/-/issues/501 |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
Date Public
2026-02-11 00:00
Credits
Red Hat would like to thank Ilya Rozentsvaig for reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2436",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-27T19:47:34.578740Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T19:47:47.292Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "libsoup3",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"packageName": "libsoup",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Ilya Rozentsvaig for reporting this issue."
}
],
"datePublic": "2026-02-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in libsoup\u0027s SoupServer. A remote attacker could exploit a use-after-free vulnerability where the `soup_server_disconnect()` function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a dangling pointer is accessed, leading to a server crash and a Denial of Service."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-825",
"description": "Expired Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-21T16:00:28.482Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-2436"
},
{
"name": "RHBZ#2442909",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442909"
},
{
"url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/501"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-02-26T01:10:12.702Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-02-11T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake",
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-825: Expired Pointer Dereference"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2026-2436",
"datePublished": "2026-03-26T19:31:34.270Z",
"dateReserved": "2026-02-12T23:01:17.156Z",
"dateUpdated": "2026-04-21T16:00:28.482Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-2436",
"date": "2026-06-17",
"epss": "0.00447",
"percentile": "0.35473"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-2436\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2026-03-26T20:16:11.720\",\"lastModified\":\"2026-04-21T15:48:48.817\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in libsoup\u0027s SoupServer. A remote attacker could exploit a use-after-free vulnerability where the `soup_server_disconnect()` function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a dangling pointer is accessed, leading to a server crash and a Denial of Service.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 un defecto en el SoupServer de libsoup. Un atacante remoto podr\u00eda explotar una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n donde la funci\u00f3n \u0027soup_server_disconnect()\u0027 libera objetos de conexi\u00f3n prematuramente, incluso si un handshake TLS todav\u00eda est\u00e1 pendiente. Si el handshake se completa despu\u00e9s de que el objeto de conexi\u00f3n ha sido liberado, se accede a un puntero colgante, lo que lleva a un fallo del servidor y a una denegaci\u00f3n de servicio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":4.2},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-825\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnome:libsoup:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5BAC4F4-3ACD-4F4D-920C-F920FD2C5472\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-2436\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2442909\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://gitlab.gnome.org/GNOME/libsoup/-/issues/501\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-2436\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-27T19:47:34.578740Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-27T19:47:43.552Z\"}}], \"cna\": {\"title\": \"Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake\", \"credits\": [{\"lang\": \"en\", \"value\": \"Red Hat would like to thank Ilya Rozentsvaig for reporting this issue.\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Moderate\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"packageName\": \"libsoup3\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"packageName\": \"libsoup\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-02-26T01:10:12.702Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-02-11T00:00:00.000Z\", \"value\": \"Made public.\"}], \"datePublic\": \"2026-02-11T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-2436\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2442909\", \"name\": \"RHBZ#2442909\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://gitlab.gnome.org/GNOME/libsoup/-/issues/501\"}], \"x_generator\": {\"engine\": \"cvelib 1.8.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in libsoup\u0027s SoupServer. A remote attacker could exploit a use-after-free vulnerability where the `soup_server_disconnect()` function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a dangling pointer is accessed, leading to a server crash and a Denial of Service.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-825\", \"description\": \"Expired Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2026-04-21T16:00:28.482Z\"}, \"x_redhatCweChain\": \"CWE-825: Expired Pointer Dereference\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-2436\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-21T16:00:28.482Z\", \"dateReserved\": \"2026-02-12T23:01:17.156Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2026-03-26T19:31:34.270Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2026-AVI-0420
Vulnerability from certfr_avis - Published: 2026-04-10 - Updated: 2026-04-10
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "azl3 libsoup 3.4.4-14 versions ant\u00e9rieures \u00e0 3.4.4-15",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 xz 5.4.4-2 versions ant\u00e9rieures \u00e0 5.4.4-3",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 kernel 0.0.0-1 versions ant\u00e9rieures \u00e0 6.6.130.1-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "azl3 kernel 6.6.0.0-1 versions ant\u00e9rieures \u00e0 6.6.130.1-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-34743",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34743"
},
{
"name": "CVE-2026-23407",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23407"
},
{
"name": "CVE-2026-23408",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23408"
},
{
"name": "CVE-2026-23406",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23406"
},
{
"name": "CVE-2026-23410",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23410"
},
{
"name": "CVE-2026-23405",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23405"
},
{
"name": "CVE-2026-23403",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23403"
},
{
"name": "CVE-2026-2436",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2436"
},
{
"name": "CVE-2026-23411",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23411"
},
{
"name": "CVE-2026-23409",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23409"
},
{
"name": "CVE-2026-23404",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23404"
}
],
"initial_release_date": "2026-04-10T00:00:00",
"last_revision_date": "2026-04-10T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0420",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-04-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
"vendor_advisories": [
{
"published_at": "2026-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23408",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23408"
},
{
"published_at": "2026-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23405",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23405"
},
{
"published_at": "2026-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23409",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23409"
},
{
"published_at": "2026-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23404",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23404"
},
{
"published_at": "2026-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23406",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23406"
},
{
"published_at": "2026-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23410",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23410"
},
{
"published_at": "2026-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23411",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23411"
},
{
"published_at": "2026-04-02",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-2436",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-2436"
},
{
"published_at": "2026-04-04",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-34743",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34743"
},
{
"published_at": "2026-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23407",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23407"
},
{
"published_at": "2026-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23403",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23403"
}
]
}
FKIE_CVE-2026-2436
Vulnerability from fkie_nvd - Published: 2026-03-26 20:16 - Updated: 2026-04-21 15:48
Severity
6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Summary
A flaw was found in libsoup's SoupServer. A remote attacker could exploit a use-after-free vulnerability where the `soup_server_disconnect()` function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a dangling pointer is accessed, leading to a server crash and a Denial of Service.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2026-2436 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2442909 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://gitlab.gnome.org/GNOME/libsoup/-/issues/501 | Exploit, Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnome | libsoup | - | |
| redhat | enterprise_linux | 6.0 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 | |
| redhat | enterprise_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnome:libsoup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BAC4F4-3ACD-4F4D-920C-F920FD2C5472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in libsoup\u0027s SoupServer. A remote attacker could exploit a use-after-free vulnerability where the `soup_server_disconnect()` function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a dangling pointer is accessed, leading to a server crash and a Denial of Service."
},
{
"lang": "es",
"value": "Se encontr\u00f3 un defecto en el SoupServer de libsoup. Un atacante remoto podr\u00eda explotar una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n donde la funci\u00f3n \u0027soup_server_disconnect()\u0027 libera objetos de conexi\u00f3n prematuramente, incluso si un handshake TLS todav\u00eda est\u00e1 pendiente. Si el handshake se completa despu\u00e9s de que el objeto de conexi\u00f3n ha sido liberado, se accede a un puntero colgante, lo que lleva a un fallo del servidor y a una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2026-2436",
"lastModified": "2026-04-21T15:48:48.817",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 4.2,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2026-03-26T20:16:11.720",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-2436"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442909"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/501"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-825"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
GHSA-WPFW-5XVC-WQ9W
Vulnerability from github – Published: 2026-03-26 21:31 – Updated: 2026-03-26 21:31
VLAI
Details
A flaw was found in libsoup's SoupServer. A remote attacker could exploit a use-after-free vulnerability where the soup_server_disconnect() function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a dangling pointer is accessed, leading to a server crash and a Denial of Service.
Severity
6.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2026-2436"
],
"database_specific": {
"cwe_ids": [
"CWE-825"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-26T20:16:11Z",
"severity": "MODERATE"
},
"details": "A flaw was found in libsoup\u0027s SoupServer. A remote attacker could exploit a use-after-free vulnerability where the `soup_server_disconnect()` function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a dangling pointer is accessed, leading to a server crash and a Denial of Service.",
"id": "GHSA-wpfw-5xvc-wq9w",
"modified": "2026-03-26T21:31:26Z",
"published": "2026-03-26T21:31:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2436"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-2436"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442909"
},
{
"type": "WEB",
"url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/501"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"type": "CVSS_V3"
}
]
}
MSRC_CVE-2026-2436
Vulnerability from csaf_microsoft - Published: 2026-03-02 00:00 - Updated: 2026-04-14 14:44Summary
Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
6.5 (Medium)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 21112-17084 | — | ||
| Unresolved product id: 21202-17084 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-2436 Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-2436.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake",
"tracking": {
"current_release_date": "2026-04-14T14:44:01.000Z",
"generator": {
"date": "2026-04-15T07:27:57.373Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-2436",
"initial_release_date": "2026-03-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-04-02T01:05:41.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-04-02T14:39:00.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-04-09T14:38:04.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
},
{
"date": "2026-04-14T14:44:01.000Z",
"legacy_version": "4",
"number": "4",
"summary": "Information published."
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 libsoup 3.4.4-14",
"product": {
"name": "\u003cazl3 libsoup 3.4.4-14",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 libsoup 3.4.4-14",
"product": {
"name": "azl3 libsoup 3.4.4-14",
"product_id": "21112"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 libsoup 3.4.4-15",
"product": {
"name": "\u003cazl3 libsoup 3.4.4-15",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 libsoup 3.4.4-15",
"product": {
"name": "azl3 libsoup 3.4.4-15",
"product_id": "21202"
}
}
],
"category": "product_name",
"name": "libsoup"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 libsoup 3.4.4-14 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 libsoup 3.4.4-14 as a component of Azure Linux 3.0",
"product_id": "21112-17084"
},
"product_reference": "21112",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 libsoup 3.4.4-15 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 libsoup 3.4.4-15 as a component of Azure Linux 3.0",
"product_id": "21202-17084"
},
"product_reference": "21202",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-2436",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "general",
"text": "redhat",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"21112-17084",
"21202-17084"
],
"known_affected": [
"17084-2",
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-2436 Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-2436.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-02T01:05:41.000Z",
"details": "3.4.4-15:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-2",
"17084-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"17084-2",
"17084-1"
]
}
],
"title": "Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake"
}
]
}
WID-SEC-W-2026-1007
Vulnerability from csaf_certbund - Published: 2026-04-07 22:00 - Updated: 2026-06-11 22:00Summary
IBM App Connect Enterprise: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM App Connect Enterprise kombiniert die branchenbewährten Technologien des IBM Integration Bus mit Cloud-nativen Technologien.
Angriff: Ein Angreifer kann mehrere Schwachstellen in IBM App Connect Enterprise ausnutzen, um Sicherheitsvorkehrungen zu umgehen, um einen Denial of Service Angriff durchzuführen, um Informationen offenzulegen, um Dateien zu manipulieren, um einen Cross-Site Scripting Angriff durchzuführen, um einen SQL-Injection Angriff durchzuführen, und um beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
Affected products
Known affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 10.0 Extended Update Support
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10.0_extended_update_support
|
10.0 Extended Update Support | |
|
IBM App Connect Enterprise
IBM / App Connect Enterprise
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
IBM QRadar SIEM
IBM
|
cpe:/a:ibm:qradar_siem:-
|
— | |
|
IBM App Connect Enterprise <13.0.7.1
IBM / App Connect Enterprise
|
<13.0.7.1 |
References
14 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM App Connect Enterprise kombiniert die branchenbew\u00e4hrten Technologien des IBM Integration Bus mit Cloud-nativen Technologien.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in IBM App Connect Enterprise ausnutzen, um Sicherheitsvorkehrungen zu umgehen, um einen Denial of Service Angriff durchzuf\u00fchren, um Informationen offenzulegen, um Dateien zu manipulieren, um einen Cross-Site Scripting Angriff durchzuf\u00fchren, um einen SQL-Injection Angriff durchzuf\u00fchren, und um beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1007 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1007.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1007 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1007"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7268737 vom 2026-04-07",
"url": "https://www.ibm.com/support/pages/node/7268737"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7268738 vom 2026-04-07",
"url": "https://www.ibm.com/support/pages/node/7268738"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7268740 vom 2026-04-07",
"url": "https://www.ibm.com/support/pages/node/7268740"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7268741 vom 2026-04-07",
"url": "https://www.ibm.com/support/pages/node/7268741"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7268743 vom 2026-04-07",
"url": "https://www.ibm.com/support/pages/node/7268743"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7268744 vom 2026-04-07",
"url": "https://www.ibm.com/support/pages/node/7268744"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7268745 vom 2026-04-07",
"url": "https://www.ibm.com/support/pages/node/7268745"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7268747 vom 2026-04-07",
"url": "https://www.ibm.com/support/pages/node/7268747"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:14087 vom 2026-05-06",
"url": "https://access.redhat.com/errata/RHSA-2026:14087"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:17083 vom 2026-05-13",
"url": "https://access.redhat.com/errata/RHSA-2026:17083"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7274746 vom 2026-06-01",
"url": "https://www.ibm.com/support/pages/node/7274746"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7275963 vom 2026-06-11",
"url": "https://www.ibm.com/support/pages/node/7275963"
}
],
"source_lang": "en-US",
"title": "IBM App Connect Enterprise: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-11T22:00:00.000+00:00",
"generator": {
"date": "2026-06-12T07:37:37.117+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1007",
"initial_release_date": "2026-04-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-05-06T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-14T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-06-01T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-06-11T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c13.0.7.1",
"product": {
"name": "IBM App Connect Enterprise \u003c13.0.7.1",
"product_id": "2F33676F-DD00-4E4F-ADCC-F29993D51A12"
}
},
{
"category": "product_version",
"name": "13.0.7.1",
"product": {
"name": "IBM App Connect Enterprise 13.0.7.1",
"product_id": "2F33676F-DD00-4E4F-ADCC-F29993D51A12-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:13.0.7.1"
}
}
},
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T052517",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
}
],
"category": "product_name",
"name": "App Connect Enterprise"
},
{
"category": "product_name",
"name": "IBM QRadar SIEM",
"product": {
"name": "IBM QRadar SIEM",
"product_id": "T021415",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "10.0 Extended Update Support",
"product": {
"name": "Red Hat Enterprise Linux 10.0 Extended Update Support",
"product_id": "T054024",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.0_extended_update_support"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-14550",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2025-14550"
},
{
"cve": "CVE-2025-14831",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2025-14831"
},
{
"cve": "CVE-2025-15281",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2025-15281"
},
{
"cve": "CVE-2025-15366",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2025-15366"
},
{
"cve": "CVE-2025-15367",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2025-15367"
},
{
"cve": "CVE-2025-15599",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2025-15599"
},
{
"cve": "CVE-2025-55130",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2025-55130"
},
{
"cve": "CVE-2025-55131",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2025-55131"
},
{
"cve": "CVE-2025-55132",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2025-55132"
},
{
"cve": "CVE-2025-59465",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2025-59465"
},
{
"cve": "CVE-2025-59466",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2025-59466"
},
{
"cve": "CVE-2025-68470",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2025-68470"
},
{
"cve": "CVE-2025-9820",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2025-9820"
},
{
"cve": "CVE-2026-0540",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-0540"
},
{
"cve": "CVE-2026-0861",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-0861"
},
{
"cve": "CVE-2026-0915",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-0915"
},
{
"cve": "CVE-2026-0980",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-0980"
},
{
"cve": "CVE-2026-1207",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-1207"
},
{
"cve": "CVE-2026-1285",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-1285"
},
{
"cve": "CVE-2026-1287",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-1287"
},
{
"cve": "CVE-2026-1299",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-1299"
},
{
"cve": "CVE-2026-1312",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-1312"
},
{
"cve": "CVE-2026-1530",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-1530"
},
{
"cve": "CVE-2026-1531",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-1531"
},
{
"cve": "CVE-2026-1961",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-1961"
},
{
"cve": "CVE-2026-21637",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-21637"
},
{
"cve": "CVE-2026-22029",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-22029"
},
{
"cve": "CVE-2026-23490",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-23490"
},
{
"cve": "CVE-2026-2436",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-2436"
},
{
"cve": "CVE-2026-25518",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-25518"
},
{
"cve": "CVE-2026-27137",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-27137"
},
{
"cve": "CVE-2026-27138",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-27138"
},
{
"cve": "CVE-2026-27959",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-27959"
},
{
"cve": "CVE-2026-29063",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-29063"
},
{
"cve": "CVE-2026-29087",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-29087"
},
{
"cve": "CVE-2026-30922",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-30922"
},
{
"cve": "CVE-2026-3632",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-3632"
},
{
"cve": "CVE-2026-3633",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-3633"
},
{
"cve": "CVE-2026-3634",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-3634"
},
{
"cve": "CVE-2026-3731",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-3731"
},
{
"cve": "CVE-2026-4271",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-4271"
},
{
"cve": "CVE-2026-4324",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-4324"
},
{
"cve": "CVE-2026-5119",
"product_status": {
"known_affected": [
"T054024",
"T052517",
"67646",
"T021415",
"2F33676F-DD00-4E4F-ADCC-F29993D51A12"
]
},
"release_date": "2026-04-07T22:00:00.000+00:00",
"title": "CVE-2026-5119"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…