CVE-2025-12183

HIGH

Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus for z/OS are vulnerable to multiple vulnerabilities due to lz4 and Apache Log4j (CVE-2025-12183, CVE-2025-66566 & CVE-2025-68161 )

Details

CVSS v3: 8.8
CVSS v4: 8.8
NVD published: 2025-11-28 16:15:51
EPSS: <0.1% probability · 19.9th percentile — 2026-03-18
Affected versions: Not available in our cache.
Summary: Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.
Remediation: Not available in our cache.
Exploit info: Not available in our cache.

View on NVD

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.