CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

IBM security advisory (AV26-656)

critical
Serial number: AV26-656 Date: July 6, 2026 Between June 29 and July 5, 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: Automation Assets in IBM Cloud Pak for Integration (CP4I) – multiple versions HMC V10.3.1050.0 – versions V10.3.1050.0 to V10.3.1064.0 HMC V11.1.1110.0 – versions V11.1.1110.0 to V11.1.1111.5 IBM Bob – versions 1.0.0, 1.0.1 and 1.0.2 IBM App Connect Operator – multiple versions IBM App Connect Enterprise Certified Containers Operands – multiple versions IBM Business Automation Insights – multiple versions IBM Business Automation Manager Open Editions – versions 9.0.0 to 9.4.2 IBM Business Automation Workflow traditional – multiple versions IBM Business Automation Workflow Enterprise Service Bus – multiple versions IBM Cloud Pak for Business Automation – multiple versions IBM DataPower Gateway – multiple models and versions IBM DataStax Enterprise – versions 6.9.0 to 6.9.22 IBM Db2 Genius Hub – versions 1.1, 1.1.1 and 1.1.2 IBM EntireX – version 11.1 IBM Event Endpoint Management – versions 11.0.0 to 11.7.4 IBM Integrated Analytics System – versions 1.0.0.0 to 1.0.30.0 IBM Library Support for Spring – version 2.7 IBM Quantum Safe Remediator – versions 1.1 to 1.1.2 IBM Rational ClearQuest – versions 9.1 to 9.1.0.11 and 10.0 to 10.0.10 IBM SPSS Modeler – version 19.0.0.0 IBM Tivoli Monitoring – versions 6.3.0.7 to 6.3.0.7 Service Pack 22 IBM Tivoli Netcool Configuration Impact – version 7.1.1 IBM Tivoli Netcool Configuration Manager – versions 6.4.2 GA to 6.4.2.24 IBM Tivoli System Automation Application Manager – version 4.1 IBM webMethods Integration (on prem) – versions 10.15 and 10.11 Langflow OSS – versions 1.0.0 to 1.10.0 Maximo AI Service – version 9.1.0 Platform Navigator in IBM Cloud Pak for Integration (CP4I) – multiple versions PowerVM Novalink – multiple versions WebSphere Application Server – versions 8.5 and 9.0 The Cyber Centre encourages users and

CSIRTS triage

vendor: IBMaffected: multiple versions
What
IBM has published critical updates to address vulnerabilities in multiple products.
Who is affected
Users and administrators of various IBM products including Cloud Pak for Integration, HMC, and others.
Urgency
Remediation is urgent due to the critical nature of the vulnerabilities.
Action
Users should apply the necessary updates as per the advisories.

AI-assisted analysis generated from the source advisory — verify against the original.

Details

Source
Canadian Centre for Cyber Security (CA · national-cert · site)
Severity
critical
Published
2026-07-06
Exploitation
Not in CISA KEV at last sync

Original advisory: https://cyber.gc.ca/en/alerts-advisories/ibm-security-advisory-av26-656

More from Canadian Centre for Cyber Security