Ibm Guardium Data Protection — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Guardium Data Protection, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2025-3473 — CVSS 6.7 (medium): IBM Security Guardium 12.1 could allow a local privileged user to escalate their privileges to root due to insecure inherited permissions…
CVE-2026-8405 — CVSS 6.5 (medium): IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" (LTR) can expose…
CVE-2025-36020 — CVSS 5.9 (medium): IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to cleartext transmission of sensitive…
CVE-2026-4918 — CVSS 5.5 (medium): IBM Guardium Data Protection 12.1 is vulnerable to stored cross-site scripting. This vulnerability allows an administrative user to embed…
CVE-2026-1274 — CVSS 4.9 (medium): IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control…
CVE-2026-4917 — CVSS 4.9 (medium): IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a…
CVE-2026-4919 — CVSS 4.8 (medium): IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows an administrative user to embed…
CVE-2026-1272 — CVSS 2.7 (low): IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to Security Misconfiguration vulnerability in the user access control panel.