On April 24, 2026, the CERT‑FR issued a notice about several security vulnerabilities discovered in IBM software. The flaws could enable attackers to execute arbitrary code, elevate privileges, or cause remote denial of service. Affected products include IBM QRadar SIEM 7.5.x versions earlier than 7.5.0 UP15 IF02, Sterling Connect:Direct Web Services 6.3.0.x before 6.3.0.18 and 6.4.0.x before 6.4.0.7, and WebSphere Application Server – Liberty versions without the APAR PH70352 fix or earlier than 26.0.0.5. IBM has published security bulletins (7270437, 7270504‑8, 7270594) that provide the necessary patches. Users are advised to review the bulletins and apply updates promptly. The announcement cites numerous CVE identifiers, such as CVE-2024-26984, CVE-2025-0938, and CVE-2026-0915, indicating the scope of the affected vulnerabilities. Attackers could also exploit these flaws to compromise data integrity, confidentiality, or bypass security policies.
Summary of content from
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.