CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
IBM Langflow OSS versions 1.0.0 through 1.10.0 contain a vulnerability allowing users with Redis access to execute arbitrary code with full application privileges. This compromises all secrets, data, and system integrity.
IBM Langflow OSS versions 1.0.0 through 1.10.0 contain a vulnerability allowing remote arbitrary code execution. The issue stems from improper validation of flow nodes with missing or empty component type fields.
IBM Langflow OSS versions 1.0.0 through 1.9.6 contain a vulnerability due to improper authorization enforcement in the Streamable MCP transport endpoint. This allows unauthenticated attackers to access protected MCP project resources and execute MCP operations.
IBM App Connect Enterprise versions 13.0.1.0 through 13.0.7.2 and 12.0.1.0 through 12.0.12.26, as well as IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7, are vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of.
IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 contains approximately 50 generated CORBA stub classes in ogclient.jar that call ORB.string_to_object() on an attacker-controlled IOR string during Java deserialization. This turns any unfiltered ObjectInputStream sink in WAS into outbound IIOP SSRF to an attacker-chosen host.
IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 contains a vulnerability in the Object Query Language engine that resolves attacker-supplied class names via Class.forName() and invokes their constructors without an allow-list at three distinct sinks (SELECT NEW, enum literals, and reflection-based comparators). An authenticated remote attacker who can influence an application-built OQL query string can execute arbitrary constructors on the WAS JVM, and a SELECT DISTINCT variant using planted grid values triggers the same gadget post-deserialization in a manner that bypasses JEP-290 serialization filters across grid node boundaries.
IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 ships three ObjectInputStream subclasses (WsObjectInputStream, ObjectStreamPool$ReusableInputStream, ObjectInputStreamResolver) that install no JEP-290 class filter; when Coherence is on the classpath, multiple RCE gadget chains including RemoteConstructor.readResolve and PriorityQueue/ExtractorComparator are confirmed working, allowing a post-login attacker who can write a session attribute or a LAN-adjacent attacker on the grid replication wire to execute arbitrary code on peer WAS JVMs.
IBM Business Automation Manager Open Editions versions 9.0.0 through 9.4.2 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
IBM UrbanCode Deploy and IBM DevOps Deploy store potentially sensitive information in log files that could be read by a local user. The vulnerability affects versions 7.2 through 7.2.3.23, 7.3 through 7.3.2.18, and 8.0 through 8.0.1.13, 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0.
IBM UrbanCode Deploy and IBM DevOps Deploy in vulnerable versions may disclose sensitive configurations and secrets to authenticated users in API responses, which could be used in further attacks against the system.
IBM DevOps Deploy (UCD) versions 8.1 through 8.1.2.6 and 8.2 through 8.2.1.0 improperly configure CORS, allowing an attacker to perform privileged actions and retrieve sensitive information because the domain is not restricted to trusted domains.
IBM Db2 versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4 for Linux, UNIX, and Windows (including Db2 Connect Server) contain a denial-of-service vulnerability. An authenticated user can exploit improper neutralization of special elements in the data query logic for XMLTable-derived columns, causing a denial of service.
IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.6 are affected by an arbitrary file read vulnerability when the restConnector-2.0 feature is enabled.
IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.7 are affected by a server-side request forgery (SSRF) vulnerability when the apiDiscovery-1.0 feature is enabled. An attacker can exploit this flaw to send unauthorized requests from the server to internal network resources.
IBM WebSphere Application Server 9.0 and 8.5 are affected by a cross-site scripting (XSS) vulnerability in the administrative console help system. This allows an attacker to inject malicious scripts into the help page.
IBM WebSphere Application Server 9.0 and 8.5 is affected by a cross-site scripting vulnerability in the administrative console's integrated help system. This allows an attacker to inject malicious script into the help page.
IBM WebSphere Application Server 9.0 and 8.5 contain a vulnerability that could allow a remote attacker to obtain sensitive information from the integrated help system of the administrative console.
IBM WebSphere Application Server Liberty versions 17.0.0.3 through 26.0.0.7 with the adminCenter-1.0 feature enabled are affected by a server-side request forgery (SSRF) vulnerability.
IBM Langflow OSS versions 1.0.0 through 1.9.6 contain a Server-Side Request Forgery (SSRF) vulnerability. The RSSReaderComponent and SearXNG components make unvalidated HTTP requests to user-controlled URLs, bypassing SSRF protections introduced in version 1.9.3.
IBM Langflow OSS versions 1.0.0 through 1.9.6 contain a missing authentication vulnerability in /api/v1/build_public_tmp/ endpoints, allowing an unauthenticated attacker to read build event data or cancel jobs using a valid job identifier, resulting in information disclosure and denial of service.

