CVE-2026-22737 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-22737 PUBLISHED CVSS 5.900000095367432 MEDIUM

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

EPSS 0.06% · 19.5th percentile

Risk Scores

CVSS v3.1

5.900000095367432

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.06%

19.5th percentile

Affected Products

Vendor	Product	Versions
Spring	Spring Security
Maven	org.springframework:spring-webflux	7.0.0-M1, 7.0.0-M1, 6.2.0
Maven	org.springframework:spring-webmvc	5.3.0, 7.0.0-M1, 6.2.0
Spring	Spring Boot
Spring	CLI VSCode Extension	*
IBM	Security QRadar Log Management AQL
IBM	Informix Dynamic Server
IBM	WebSphere
Spring	Spring Framework	5.3.0, 6.1.0, 7.0.0
IBM	Sterling Connect:Direct

Timeline

Jan 14, 2026 PoC Published
Jan 14, 2026 PoC Published
Jan 15, 2026 PoC Published
Mar 19, 2026 PoC Published
Mar 19, 2026 CVE Published
Mar 20, 2026 EPSS Score
Mar 21, 2026 EPSS Score
Mar 21, 2026 PoC Published
Mar 21, 2026 PoC Published
Mar 22, 2026 EPSS Score
Mar 22, 2026 Security Advisory
Mar 23, 2026 EPSS Score

References

…and 16 more

Open in Interactive Console →