CVE-2026-7876— Authentication bypass vulnerability found in Aspera High-Speed Transfer Server for Cloud Pak for Integration
Possible ATT&CK Techniques 1AI
T1190 · Exploit Public-Facing ApplicationAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Aspera HSTS for CP4I | 1.5.1≤ 1.5.19 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-7876
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authentication bypass vulnerability found in Aspera High-Speed Transfer Server for Cloud Pak for Integration
Source: NVD (National Vulnerability Database)
Vulnerability Description
IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
认证机制不恰当
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| IBM | Aspera HSTS for CP4I | 1.5.1 ~ 1.5.19 | cpe:2.3:a:ibm:aspera_hsts_for_cp4i:1.5.1:*:*:*:*:*:*:* |
II. Public POCs for CVE-2026-7876
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-7876
请登录查看更多情报信息。
Other References for CVE-2026-7876 (1)
Same Patch Batch · IBM · 2026-05-27 · 29 CVEs total
| CVE-2026-8175 | 9.8 CRITICAL | Multiple vulnerabilities in Aspera applications. |
| CVE-2026-7524 | 9.8 CRITICAL | Path Traversal Vulnerability in File Processing Components Allows Unauthorized File System |
| CVE-2026-8179 | 8.8 HIGH | Multiple vulnerabilities in Aspera applications. |
| CVE-2026-5065 | 8.8 HIGH | IBM Controller is affected by vulnerabilities |
| CVE-2026-7365 | 8.4 HIGH | IBM Operations Analytics - Log Analysis is affected by Information disclosure due to defau |
| CVE-2026-3623 | 7.8 HIGH | Vulnerabilities exists in IBM Netezza Performance Server Replication Services |
| CVE-2026-3366 | 7.5 HIGH | InfoSphere Optim Test Data Fabrication is affected by Arbitrary File Read |
| CVE-2026-8180 | 7.5 HIGH | Multiple vulnerabilities in Aspera applications. |
| CVE-2024-56462 | 7.2 HIGH | IBM QRadar SIEM is vulnerable to using components with known vulnerabilities |
| CVE-2026-1718 | 7.1 HIGH | IBM® Db2® is vulnerable to a denial of service with a specially crafted query when running |
| CVE-2026-7528 | 7.1 HIGH | Unauthenticated File Upload Vulnerability Allows Disk Space Exhaustion and Path Disclosure |
| CVE-2026-6936 | 6.5 MEDIUM | IBM i is Affected by a Denial of Service Vulnerability [] |
| CVE-2026-3676 | 6.5 MEDIUM | There are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Man |
| CVE-2026-6052 | 6.5 MEDIUM | IBM® Db2® is vulnerable to running out of memory when executing certain queries with MDC t |
| CVE-2026-6938 | 6.5 MEDIUM | IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage |
| CVE-2026-8405 | 6.5 MEDIUM | IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerabilit |
| CVE-2026-9035 | 6.5 MEDIUM | Multiple vulnerabilities in Aspera applications. |
| CVE-2024-40684 | 5.9 MEDIUM | IBM Operations Analytics - Log Analysis is affected by Weak Password Policy and Inadequate |
| CVE-2026-6053 | 5.5 MEDIUM | IBM® Db2® is vulnerable to a denial of service when a specially crafted query is run with |
| CVE-2026-6051 | 5.5 MEDIUM | IBM® Db2® is vulnerable to a denial of service when executing a specially crafted query wi |
Showing top 20 of 29 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: IBM
- CVE-2026-1248
IBM Business Automation Workflow information leak - CVE-2026-7365
IBM Operations Analytics - Log Analysis is affected by Infor - CVE-2024-56462
IBM QRadar SIEM is vulnerable to using components with known - CVE-2024-40684
IBM Operations Analytics - Log Analysis is affected by Weak - CVE-2024-28765
Security vulnerability was found in IBM Security Directory I
Same weakness: CWE-287
- CVE-2026-47272
pam_usb: OTP pad authentication bypass via missing system pa - CVE-2026-8994
Login with NEAR <= 0.3.3 - Authentication Bypass via 'accoun - CVE-2026-44847
MaxKB: Webhook Trigger Authentication Bypass - CVE-2026-47202
Kavita: Pre-Auth Account Takeover - CVE-2026-48896
Joomla! Core - [20260511] - MFA Authentication Bypass
V. Comments for CVE-2026-7876
No comments yet