CVE-2026-9035 – Multiple vulnerabilities in Aspera applications.

CVE ID :CVE-2026-9035

Published : May 27, 2026, 2:17 p.m. | 14 minutes ago

Description :IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a potential arbitrary file read in the asperahttpd component. An authenticated user may be able to take advantage of this vulnerability to access files in the server’s local storage that they should not have access to.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-9704 – Keycloak: keycloak: privilege escalation due to oversized subject_token jwt

CVE-2026-9617 – PostgreSQL Anonymizer: malicious column name allows SQL injection via anon.k_anonymity() function

CVE-2026-8405 – IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerability

CVE-2026-8180 – Multiple vulnerabilities in Aspera applications.