wid-sec-w-2026-0544 · Published 2026-02-26 · View on BSI CERT-Bund ↗

IBM QRadar SIEM: Multiple Vulnerabilities

CVSS 9.8 CRITICAL

Risk Summary

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

CVEs (11)

CVE-2023-53673 CVE-2025-13601 CVE-2025-39993 CVE-2025-40154 CVE-2025-40240 CVE-2025-40248 CVE-2025-40277 CVE-2025-68285 CVE-2025-68615 CVE-2025-68973 CVE-2025-9230

Affected Vendors

IBM Red Hat

Affected Products (2)

IBM · QRadar SIEM <7.5.0 UP14 IF05

IBM · QRadar SIEM 7.5.0 UP14 IF05

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more