CVE-2026-7876
9.1 CRITICALIBM Aspera HSTS for CP4I 1.5.1 through 1.5.19
Published: 2026-05-27 · Last updated: 2026-05-29
Severity and scoring
- CVSS
- 9.1 CRITICAL
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- CWE
- CWE-287
Affected products
| Vendor | Product |
|---|---|
| ibm | aspera_high-speed_transfer_server_for_cloud_pak_for_integration |
Description
IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-9330 — IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using th... (8.5 HIGH)
- CVE-2026-9319 — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data v... (9.0 CRITICAL)
- CVE-2026-9311 — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls (9.0 CRITICAL)
- CVE-2026-8644 — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing (9.1 CRITICAL)
- CVE-2026-1248 — IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages (4.3 MEDIUM)
Same CWE
- CVE-2026-47166 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.7 MEDIUM)
- CVE-2026-46705 — Russh is a Rust SSH client & server library (5.3 MEDIUM)
- CVE-2022-48575 — A person with access to a Mac may be able to bypass Login Window (3.5 LOW)
- CVE-2026-45567 — Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers (8.3 HIGH)
- CVE-2026-47838 — SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wr... (6.8 MEDIUM)