CVE-2026-8179

Severity CVSS v4.0:
Pending analysis
Type:
CWE-121 Stack-based Buffer Overflow
Publication date:
27/05/2026
Last modified:
05/06/2026

Description

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could allow an authenticated user to execute arbitrary code on the system.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:ibm:aspera_high-speed_transfer_endpoint:*:*:*:*:*:*:*:* 3.7.4 (including) 4.4.6 (including)
cpe:2.3:a:ibm:aspera_high-speed_transfer_endpoint:4.4.7:-:*:*:*:*:*:*
cpe:2.3:a:ibm:aspera_high-speed_transfer_endpoint:4.4.7:fixpack1:*:*:*:*:*:*
cpe:2.3:a:ibm:aspera_high-speed_transfer_server:*:*:*:*:*:*:*:* 3.7.4 (including) 4.4.6 (including)
cpe:2.3:a:ibm:aspera_high-speed_transfer_server:4.4.7:-:*:*:*:*:*:*
cpe:2.3:a:ibm:aspera_high-speed_transfer_server:4.4.7:fixpack1:*:*:*:*:*:*


References to Advisories, Solutions, and Tools