IBM security advisory (AV26-617)
Serial number: AV26-617 Date: June 22, 2026 Between June 15 and 21, 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: Content-Aware Storage - versions 1.0.0 to 1.1.3 DataStage on Cloud Pak for Data - versions prior to 5.3.1.0 Decision Optimization for Cloud Pak for Data - versions 5.0 to 5.3.1 - Patch 4 releases Host On-Demand (HOD) - versions 16.0 to 16.0.1, versions 15.0 to 15.0.4 IBM ApplinX - versions prior to 11.1 and 12.1 IBM Cloud Pak for Data System (CPDS) - versions 1.0.0.0 to 1.0.10.0 IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data - multiple versions IBM Engineering Lifecycle Management on Hybrid Cloud - versions 1.0.0 to 1.3.0 IBM Enterprise Build of Quarkus - versions 3.27.1 to 3.27.4, versions 3.33.1 to 3.33.2 IBM EntireX - versions prior to 11.1 IBM Fusion HCI - versions 2.10.0 to 2.12.1 IBM Fusion - versions 2.9.0 to 2.12.1 IBM Guardium Key Lifecycle Manager (SKLM/GKLM) - versions prior to 4.1 IBM HTTP Server - versions prior to 9.0 and 8.5 IBM MQ Operator - multiple versions IBM Netezza Software - versions prior to 11.3.0.3-IF2 IBM Operational Decision Manager - multiple versions IBM Planning Analytics Local - versions 2.1.0 to 2.1.20 IBM Robotic Process Automation for Cloud Pak - multiple versions IBM Security QRadar Log Management AQL Plugin - versions 1.0.0 to 1.1.5 IBM Sterling Connect:Direct Web Services - versions 6.3.0 to 6.3.0.18 IBM Sterling Connect:Direct Web Services - versions 6.4.0 to 6.4.0.7 IBM Tivoli Netcool Configuration Manager - versions 6.4.2 GA to 6.4.2.24 IBM Watson Speech Services Cartridge - versions 4.0.0 to 5.3.1 IBM supplied MQ Advanced container images - multiple versions IBM webMethods BPM - versions prior to 12.1 and 11.1 ICP - Discovery - versions 5.0.0 to 5.3.1 Langflow OSS - versions 1.0.0 to 1.9.3 MongoDB Enterprise Advanced with IBM - versions Ops-Manager 8.0.0 to 8.0.21 MongoDB Enterprise Advanced with IB
CSIRTS triage
- What
- Critical updates were published to address vulnerabilities in multiple IBM products.
- Who is affected
- Users of the affected IBM products are at risk.
- Urgency
- Remediation is critical due to the severity of the vulnerabilities.
- Action
- Users should apply the necessary updates immediately.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Content-Aware Storage, DataStage, Decision Optimization, Host On-Demand, ApplinX, Cloud Pak for Data System
Get an email when a new Content-Aware Storage, DataStage, Decision Optimization, Host On-Demand, ApplinX, Cloud Pak for Data System advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://cyber.gc.ca/en/alerts-advisories/ibm-security-advisory-av26-617
More from Canadian Centre for Cyber Security
- unknownBitWarden security advisory (AV26-683)2026-07-10
- criticalAL25-007 - Vulnerability impacting Roundcube Webmail – CVE-2025-49113 – Update 12026-07-10
- unknownMicrosoft Edge security advisory (AV26-682)2026-07-10
- criticalBroadcom VMware security advisory (AV26-681)2026-07-10
- unknownDjango security advisory (AV26-084) – Update 12026-07-09