Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-1713
IBM MQ 9.1.0.0 through 9.1.0.33 LTS, 9.2.0.0 through 9.2.0.40 LTS, 9.3.0.0 through 9.3.0.36 LTS, 9.30.0 through 9.3.5.1 CD, 9.4.0.0 through 9.4.0.17 LTS, and 9.4.0.0 through 9.4.4.1 CD
CVSS Score
5.0
EPSS Score
0.0
Published
2026-03-03
CVE-2025-13687
IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component.
CVSS Score
6.3
EPSS Score
0.0
Published
2026-03-03
CVE-2025-13688
IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the wrapped command component.
CVSS Score
6.3
EPSS Score
0.0
Published
2026-03-03
CVE-2025-14456
IBM MQ Appliance 9.4 CD through 9.4.4.0 to 9.4.4.1
CVSS Score
5.9
EPSS Score
0.0
Published
2026-03-03
CVE-2025-14480
IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information
CVSS Score
5.1
EPSS Score
0.0
Published
2026-03-03
CVE-2025-13686
IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the job subroutine component.
CVSS Score
6.3
EPSS Score
0.0
Published
2026-03-03
CVE-2026-3484
A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0893092e38. Affected by this issue is the function child_process.exec of the file src/index.ts of the component Nmap CLI Command Handler. The manipulation results in command injection. The attack may be performed from remote. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The patch is identified as 30a6b9e1c7fa6146f51e28d6ab83a2568d9a3488. It is best practice to apply a patch to resolve this issue.
CVSS Score
6.3
EPSS Score
0.004
Published
2026-03-03
CVE-2026-3494
In MariaDB server version through 11.8.5, when server audit plugin is enabled with server_audit_events variable configured with QUERY_DCL, QUERY_DDL, or QUERY_DML filtering, if an authenticated database user invokes a SQL statement prefixed with double-hyphen (—) or hash (#) style comments, the statement is not logged.
CVSS Score
4.3
EPSS Score
0.0
Published
2026-03-03
CVE-2026-26891
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manage_parcel_type.php.
CVSS Score
2.7
EPSS Score
0.0
Published
2026-03-03
CVE-2026-26892
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manage_carrier.php.
CVSS Score
7.2
EPSS Score
0.0
Published
2026-03-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved