Security Vulnerabilities
Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-02-17
IBM WebSphere Application Server 9.0, and 8.5 could provide weaker than expected security during system administration of security settings.
CVSS Score
4.4
EPSS Score
0.0
Published
2026-02-17
IBM DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary commands and gain access to sensitive information due to unrestricted file uploads.
CVSS Score
8.8
EPSS Score
0.0
Published
2026-02-17
A flaw has been found in Blossom up to 1.17.1. This issue affects the function put of the file blossom-backend/common/common-iaas/src/main/java/com/blossom/common/iaas/blos/BLOSManager.java of the component File Upload. This manipulation causes path traversal. The attack may be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
6.3
EPSS Score
0.001
Published
2026-02-17
IBM Concert 1.0.0 through 2.1.0 could allow a local user with specific knowledge about the system's architecture to escalate their privileges due to incorrect file permissions for critical resources.
CVSS Score
7.4
EPSS Score
0.0
Published
2026-02-17
IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a privileged user to upload malicious files that could be executed server to modify limited files or data.
CVSS Score
3.8
EPSS Score
0.0
Published
2026-02-17
IBM Sterling B2B Integrator versions 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 through 6.2.1.1, and IBM Sterling File Gateway versions 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 through 6.2.1.1 may expose sensitive information to a remote privileged attacker due to the application returning detailed technical error messages in the browser.
CVSS Score
4.9
EPSS Score
0.0
Published
2026-02-17
IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could allow an authenticated user to perform unauthorized tasks due to improper access controls.
CVSS Score
4.3
EPSS Score
0.0
Published
2026-02-17
A vulnerability was detected in Blossom up to 1.17.1. This vulnerability affects the function content of the file blossom-backend/backend/src/main/java/com/blossom/backend/server/article/draft/ArticleController.java of the component Article Title Handler. The manipulation results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
3.5
EPSS Score
0.0
Published
2026-02-17
IBM Security QRadar EDR 3.12 through 3.12.23 IBM Security ReaQta uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-02-17