5.1
CVE-2026-3486 - itsourcecode College Management System student-fee.php sql injection
A vulnerability has been found in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /admin/student-fee.php. Such manipulation of the argument roll_no leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed toβ¦
9.3
CVE-2026-3485 - D-Link DIR-868L SSDP Service sub_1BF84 os command injection
A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub_1BF84 of the component SSDP Service. This manipulation of the argument ST causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability onβ¦
7.3
CVE-2026-25906 - Improper Link Resolution in Dell Optimizer Enables Local Privilege Escalation
Dell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
6.3
CVE-2025-13686 - DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment
IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the job subroutine component.
6.3
CVE-2025-13687 - DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment
IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the user-defined function component.
6.3
CVE-2025-13688 - DataStage on Cloud Pak for Data is vulnerable to arbitrary code injection due to runtime environment
IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 could allow an authenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input through the wrapped command component.
8.8
CVE-2026-24502 - Local Privilege Escalation via Uncontrolled Search Path Element in Dell Commandβ―|β―Intel vPro Out ofβ¦
Dell Command | Intel vPro Out of Band, versions prior to 4.7.0, contain an Uncontrolled Search Path Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
5.9
CVE-2025-14456 - IBM MQ Appliance uses weaker than expected cryptographic algorithms
IBM MQ Appliance 9.4 CD through 9.4.4.0 to 9.4.4.1
5.1
CVE-2025-14480 - IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algoriβ¦
IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information
7.1
CVE-2026-1567 - IBM InfoSphere Information Server is affected by an XML external entity injection (XXE) vulnerabiliβ¦
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 An XML External Entity (XXE) vulnerability in IBM InfoSphere Information Server could allow attackers to retrieve sensitive information from the server.