6.3
CVE-2025-36376 - IBM Security QRadar EDR Software has multiple vulnerabilities
IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system.
5.1
CVE-2026-2622 - Blossom Article Title ArticleController.java content cross site scripting
A vulnerability was detected in Blossom up to 1.17.1. This vulnerability affects the function content of the file blossom-backend/backend/src/main/java/com/blossom/backend/server/article/draft/ArticleController.java of the component Article Title Handler. The manipulation results in cross site scriโฆ
6.3
CVE-2025-36377 - IBM Security QRadar EDR Software has multiple vulnerabilities
IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system.
5.9
CVE-2025-36379 - IBM Security QRadar EDR Software has multiple vulnerabilities
IBM Security QRadar EDR 3.12 through 3.12.23 IBM Security ReaQta uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
8.1
CVE-2025-13691 - DataStage on Cloud Pak for Data is vulnerable to sensitive information leaks due to HTTP processing
IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system.
