IBM security advisory (AV26-639)
Serial number: AV26-639 Date: June 29, 2026 Between June 22 and 28, 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: IBM Cloud Pak System – version 2.3.5.0 IBM Observability with Instana (Agent) – versions Build 1.0.303 to 1.0.319 IBM Db2 Big SQL on Cloud Pak for Data – version 5.0 IBM Db2 Big SQL on IBM Software Hub – multiple versions IBM Engineering Workflow Management – version 7.2, 7.1 and 7.0.3 IBM Engineering Requirements Management DOORS Next – version 7.2, 7.1 and 7.0.3 Global Configuration Management – version 7.2, 7.1 and 7.0.3 Jazz Foundation – version 7.2, 7.1 and 7.0.3 Langflow OSS – version 1.0.0 to 1.10.0 IBM Engineering Test Management – version 7.2, 7.1 and 7.0.3 IBM InfoSphere Information Server – version 11.7.0.0 to 11.7.1.6 IBM Operator for PostgreSQL – version v28.3.0 to v28.3.2 IBM Spectrum Control – multiple versions IBM Sterling Partner Engagement Manager Essentials Edition – multiple versions IBM Sterling Partner Engagement Manager Standard Edition – multiple versions IBM Storage Defender Copy Data Management – version 2.2.0.0 to 2.3.0.1 IBM Storage Protect Plus File Systems Agent – version 10.1.6 to 10.1.18 IBM Storage Protect Plus Guest Applications – version 10.1.6 to 10.1.18 IBM Storage Protect Plus vSnap – version 10.1 to 10.1.18 IBM Storage Protect Plus Server – version 10.1 to 10.1.18 IBM Storage Sentinel Anomaly Scan Engine – version 1.1.0 to 2.3.0 IBM watsonx Orchestrate Developer Edition – version 1.4.0 to 2.11.0 WatsonX BI – version 5.0 to 5.3 WebSphere Service Registry and Repository – version 8.5 The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates. IBM Product Security Incident Response
CSIRTS triage
- What
- IBM published security advisories to address vulnerabilities in multiple products.
- Who is affected
- Users of various IBM products are affected.
- Urgency
- Remediation is critical due to the potential impact of the vulnerabilities.
- Action
- Users should review the advisories and apply the necessary updates.
AI-assisted analysis generated from the source advisory — verify against the original.
Details
Original advisory: https://cyber.gc.ca/en/alerts-advisories/ibm-security-advisory-av26-639
More from Canadian Centre for Cyber Security
- unknownBitWarden security advisory (AV26-683)2026-07-10
- criticalAL25-007 - Vulnerability impacting Roundcube Webmail – CVE-2025-49113 – Update 12026-07-10
- unknownMicrosoft Edge security advisory (AV26-682)2026-07-10
- criticalBroadcom VMware security advisory (AV26-681)2026-07-10
- unknownDjango security advisory (AV26-084) – Update 12026-07-09