Security Bulletin: Security Vulnerability in Spring Cloud Affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-41235) — CVE-2025-41235

IBM · CVE-2025-41235

ID
CVE-2025-41235

Datum
2026-06-12

Activity
2026-06-12

Quelle
IBM

Risiko
high

Zusammenfassung

CVE-2025-41235 is a Hinweis from IBM. Security Bulletin: Security Vulnerability in Spring Cloud Affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-41235) Severity/Threat: high.

Produkt

IBM Sterling B2B Integrator

Was tun?

Allgemeine, vorsichtige Schritte (bitte prüfe die offizielle Quelle für Details):

Priorisiere sofort Patches oder Mitigations (hohes akutes Risiko).
Identifiziere betroffene Produktversionen und prüfe, ob du betroffen bist.
Spiele Hersteller-Updates/Patches ein oder setze empfohlene Mitigations um.
Lies das offizielle Advisory für betroffene Versionen und konkrete Schritte.

Offizielles Advisory

Mehr dazu

IBM 2026-W24

Security Bulletin: Db2 Query Management Facility is vulnerable to IBM SDK, Java Technology Edition Quarterly CPU - Apr 2026 - Includes Oracle April 2026 CPU

2026-06-16 CVE-2026-34268

highIBM 2026-W25

Security Bulletin: Db2 Query Management Facility is vulnerable to IBM Semeru Runtime Quarterly CPU - Apr 2026 - Includes OpenJDK April 2026 CPU plus CVE-2026-6918

2026-06-16 CVE-2026-34282

highIBM 2026-W25

Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service due to Node.js module file-type ( CVE-2026-31808 )

2026-06-16 CVE-2026-31808

mediumIBM 2026-W25

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js module path-to-regexp

2026-06-16 CVE-2026-4867

highIBM 2026-W25

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js modules fast-uri and protobufjs (CVE-2026-6322, CVE-2026-45740 & CVE-2026-6321)

2026-06-16 CVE-2026-6322

highIBM 2026-W25

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by insufficient verification of data authenticity in PyJWT

2026-06-16 CVE-2026-32597

highIBM 2026-W25