Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Node.js — CVE-2026-44664

IBM · CVE-2026-44664

ID
CVE-2026-44664

Date
2026-06-02

Activity
2026-06-02

Source
IBM

Threat
medium

Summary

CVE-2026-44664 is a advisory from IBM. Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Node.js Severity/Threat: medium.

Product

IBM

What to do

General, cautious steps (verify details in the official source):

Review exposure and plan remediation based on risk and environment.
Identify affected product versions in your inventory and verify whether you are impacted.
Apply vendor patches/updates or recommended mitigations as soon as available.
Read the official advisory for exact affected versions and remediation steps.

Official advisory

Related advisories

Security Bulletin: Db2 Query Management Facility is vulnerable to IBM SDK, Java Technology Edition Quarterly CPU - Apr 2026 - Includes Oracle April 2026 CPU

2026-06-16 CVE-2026-34268

highIBM 2026-W25

Security Bulletin: Db2 Query Management Facility is vulnerable to IBM Semeru Runtime Quarterly CPU - Apr 2026 - Includes OpenJDK April 2026 CPU plus CVE-2026-6918

2026-06-16 CVE-2026-34282

highIBM 2026-W25

Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to Node.js module file-type ( CVE-2026-31808 )

2026-06-16 CVE-2026-31808

mediumIBM 2026-W25

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js module path-to-regexp

2026-06-16 CVE-2026-4867

highIBM 2026-W25

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js modules fast-uri and protobufjs (CVE-2026-6322, CVE-2026-45740 & CVE-2026-6321)

2026-06-16 CVE-2026-6322

highIBM 2026-W25

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by insufficient verification of data authenticity in PyJWT

2026-06-16 CVE-2026-32597

highIBM 2026-W25