Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-2483
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session
CVSS Score
5.4
EPSS Score
0.0
Published
2026-03-25
CVE-2026-1014
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of sensitive information via JSON server response manipulation.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-03-25
CVE-2026-1015
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
CVSS Score
5.4
EPSS Score
0.0
Published
2026-03-25
CVE-2026-1262
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability.
CVSS Score
4.3
EPSS Score
0.0
Published
2026-03-25
CVE-2026-1561
IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery (SSRF). This may allow remote attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
CVSS Score
5.4
EPSS Score
0.0
Published
2026-03-25
CVE-2025-36422
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVSS Score
4.3
EPSS Score
0.0
Published
2026-03-25
CVE-2025-36438
IBM Concert 1.0.0 through 2.2.0 could allow a privileged user to perform unauthorized actions due to improper restriction of channel communication to intended endpoints.
CVSS Score
5.1
EPSS Score
0.0
Published
2026-03-25
CVE-2025-36440
IBM Concert 1.0.0 through 2.2.0 could allow a local user to obtain sensitive information due to missing function level access control.
CVSS Score
5.1
EPSS Score
0.0
Published
2026-03-25
CVE-2025-64646
IBM Concert 1.0.0 through 2.2.0 could allow an attacker to access sensitive information in memory due to the buffer not properly clearing resources.
CVSS Score
6.2
EPSS Score
0.0
Published
2026-03-25
CVE-2025-64647
IBM Concert 1.0.0 through 2.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information
CVSS Score
5.9
EPSS Score
0.0
Published
2026-03-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved