Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions
Details
CVSS v3
8.2
NVD published
2026-03-20 00:16:15
EPSS
<0.1% probability · 15.4th percentile — 2026-03-30
Affected versions
Not available in our cache.
Summary
Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under the path used by the CloudFoundry Actuator endpoints. This issue affects Spring Security: from 4.0.0 through 4.0.3, from 3.5.0 through 3.5.11, from 3.4.0 through 3.4.14, from 3.3.0 through 3.3.17, from 2.7.0 through 2.7.31.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.