← Back to home
wid-sec-w-2026-0783  ·  Published 2026-03-18  ·  View on BSI CERT-Bund ↗

IBM QRadar SIEM: Multiple Vulnerabilities

CVSS 9.8 CRITICAL

Risk Summary

A cleverly devised username might bypass LDAP authentication checks. In LDAP-authenticated Derby installations, this could let an attacker fill up the disk by creating junk Derby databases. In LDAP-authenticated Derby installations, this could also allow the attacker to execute malware which was visible to and executable by the account which booted the Derby server. In LDAP-protected databases which weren't also protected by SQL GRANT/REVOKE authorization, this vulnerability could also let an attacker view and corrupt sensitive data and run sensitive database functions and procedures. Mitigation: Users should upgrade to Java 21 and Derby 10.17.1.0. Alternatively, users who wish to remain on older Java versions should build their own Derby distribution from one of the release families to which the fix was backported: 10.16, 10.15, and 10.14. Those are the releases which correspond, respectively, with Java LTS versions 17, 11, and 8.

CVEs (59)

CVE-2022-46337 CVE-2022-50673 CVE-2022-50865 CVE-2023-44483 CVE-2023-53552 CVE-2024-26766 CVE-2025-12084 CVE-2025-14104 CVE-2025-14242 CVE-2025-15366 CVE-2025-15367 CVE-2025-23184 CVE-2025-27533 CVE-2025-38022 CVE-2025-38024 CVE-2025-38051 CVE-2025-38403 CVE-2025-38415 CVE-2025-38459 CVE-2025-39760 CVE-2025-39933 CVE-2025-40096 CVE-2025-40135 CVE-2025-40158 CVE-2025-40170 CVE-2025-40258 CVE-2025-40269 CVE-2025-40271 CVE-2025-40322 CVE-2025-48913 CVE-2025-48924 CVE-2025-4897 CVE-2025-5372 CVE-2025-53905 CVE-2025-53906 CVE-2025-58457 CVE-2025-6176 CVE-2025-64775 CVE-2025-66418 CVE-2025-66453 CVE-2025-66471 CVE-2025-66675 CVE-2025-68301 CVE-2025-68349 CVE-2025-8916 CVE-2025-9086 CVE-2026-0865 CVE-2026-1188 CVE-2026-1299 CVE-2026-21441 CVE-2026-21925 CVE-2026-21932 CVE-2026-21933 CVE-2026-21945 CVE-2026-22998 CVE-2025-13995 CVE-2025-36051 CVE-2025-15051 CVE-2026-1276

Affected Vendors

IBM

Affected Products (2)

IBM · QRadar SIEM <7.5.0 UP15
IBM · QRadar SIEM 7.5.0 UP15

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more