Serial number: AV25-855
Date: December 22, 2025
Between December 15 and 21, 2025, IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:
- IBM API Connect – version 10.0.8.0 to 10.0.8.5 and V10.0.11.0
- IBM CloudPak for AIOps – versions 4.1.0 to 4.11.1
- IBM Concert Software – version 1.0.0 to 2.1.0
- IBM DataPower Gateway – version 10.6.6.0
- IBM Data Virtualization on Cloud Pak for Data – versions 3.0, 3.1 and 3.2
- IBM Db2 on Cloud Pak for Data versions – versions v4.8, v5.0, v5.1, v5.2 and v5.3
- IBM Db2 Warehouse on Cloud Pak for Data – versions v4.8, v5.0, v5.1, v5.2 and v5.3
- IBM DS8A00 – multiple versions
- IBM Edge Data Collector – version 8.11
- IBM Fusion – versions 2.2.0 to 2.11.1
- IBM Fusion HCI – versions 2.2.0 to 2.11.1
- IBM Fusion HCI for watson – versions 2.2.0 to 2.11.1
- IBM Library Support for Spring - Spring-boot – versions 2.7.0 to 2.7.18
- IBM Library Support for Spring - Spring-framework – versions 5.3.0 to 5.3.39
- IBM Library Support for Struts – versions 1.1.1 to 1.1.3
- IBM MANTA Automated Data Lineage for IBM Cloud Pak for Data – version 4.5.0 to 5.3.0
- IBM QRadar Suite Software – versions 1.11.0.0 to 1.11.7.0
- IBM QRadar Suite Software – versions 4.1.15 to 5.0.2
- IBM Rhapsody Systems Engineering – multiple versions
- IBM Security QRadar Analyst Wrokflow for IBM QRadar SIEM – versions 2.32.0 to 3.0.0
- IBM Sterling Partner Engagement Manager – multiple versions
- IBM Watson Query on Cloud Pak for Data – version 2.2
- IBM Watson Speech Services Cartridge – versions 4.0.0 - 5.2.2
- IBM watsonx Code Assistant On Prem – version 5.1.1, 5.1.2, 5.1.3, 5.2, 5.2.1 and 5.2.2
- IBM watsonx Orchestrate Developer Edition – versions 1.4.0 - 1.15.0
The Cyber Centre encourages users and administrators to review the provided web link and apply the necessary updates.