IBM security advisory (AV26-656)
Serial number: AV26-656 Date: July 6, 2026 Between June 29 and July 5, 2026, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following: Automation Assets in IBM Cloud Pak for Integration (CP4I) – multiple versions HMC V10.3.1050.0 – versions V10.3.1050.0 to V10.3.1064.0 HMC V11.1.1110.0 – versions V11.1.1110.0 to V11.1.1111.5 IBM Bob – versions 1.0.0, 1.0.1 and 1.0.2 IBM App Connect Operator – multiple versions IBM App Connect Enterprise Certified Containers Operands – multiple versions IBM Business Automation Insights – multiple versions IBM Business Automation Manager Open Editions – versions 9.0.0 to 9.4.2 IBM Business Automation Workflow traditional – multiple versions IBM Business Automation Workflow Enterprise Service Bus – multiple versions IBM Cloud Pak for Business Automation – multiple versions IBM DataPower Gateway – multiple models and versions IBM DataStax Enterprise – versions 6.9.0 to 6.9.22 IBM Db2 Genius Hub – versions 1.1, 1.1.1 and 1.1.2 IBM EntireX – version 11.1 IBM Event Endpoint Management – versions 11.0.0 to 11.7.4 IBM Integrated Analytics System – versions 1.0.0.0 to 1.0.30.0 IBM Library Support for Spring – version 2.7 IBM Quantum Safe Remediator – versions 1.1 to 1.1.2 IBM Rational ClearQuest – versions 9.1 to 9.1.0.11 and 10.0 to 10.0.10 IBM SPSS Modeler – version 19.0.0.0 IBM Tivoli Monitoring – versions 6.3.0.7 to 6.3.0.7 Service Pack 22 IBM Tivoli Netcool Configuration Impact – version 7.1.1 IBM Tivoli Netcool Configuration Manager – versions 6.4.2 GA to 6.4.2.24 IBM Tivoli System Automation Application Manager – version 4.1 IBM webMethods Integration (on prem) – versions 10.15 and 10.11 Langflow OSS – versions 1.0.0 to 1.10.0 Maximo AI Service – version 9.1.0 Platform Navigator in IBM Cloud Pak for Integration (CP4I) – multiple versions PowerVM Novalink – multiple versions WebSphere Application Server – versions 8.5 and 9.0 The Cyber Centre encourages users and
CSIRTS triage
- What
- IBM has published critical updates to address vulnerabilities in multiple products.
- Who is affected
- Users and administrators of various IBM products including Cloud Pak for Integration, HMC, and others.
- Urgency
- Remediation is urgent due to the critical nature of the vulnerabilities.
- Action
- Users should apply the necessary updates as per the advisories.
AI-assisted analysis generated from the source advisory — verify against the original.
Details
Original advisory: https://cyber.gc.ca/en/alerts-advisories/ibm-security-advisory-av26-656
More from Canadian Centre for Cyber Security
- unknownBitWarden security advisory (AV26-683)2026-07-10
- criticalAL25-007 - Vulnerability impacting Roundcube Webmail – CVE-2025-49113 – Update 12026-07-10
- unknownMicrosoft Edge security advisory (AV26-682)2026-07-10
- criticalBroadcom VMware security advisory (AV26-681)2026-07-10
- unknownDjango security advisory (AV26-084) – Update 12026-07-09