This page lists publicly disclosed CVE vulnerabilities affecting ibm openbmc (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-7254 | IBM OPENBMC FW1110.00 through FW1110.11 is vulnerable to denial of service attacks by unauthenticated network users. | [email protected] | 5.3 | 0.05% | 2026-05-27 | 2026-06-02 |
| CVE-2024-35124 | A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00 through FW1030.50, and FW1020.00 through FW1020.60 default password and session management allow an attacker to gain administrative access to the BMC. IBM X-Force ID: 290674. | [email protected] | 7.5 | 0.06% | 2024-08-13 | 2024-08-22 |
| CVE-2024-31916 | IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor that bypasses authentication channels. IBM X-ForceID: 290026. | [email protected] | 7.5 | 0.04% | 2024-06-27 | 2024-11-21 |