Heap Memory Vulnerability in IBM Concert by IBM
CVE-2025-1719

5.9MEDIUM

Key Information:

Vendor: IBM
Status: Concert
Vendor: CVE Published:; 20 January 2026

What is CVE-2025-1719?

IBM Concert versions 1.0.0 through 2.1.0 are susceptible to a vulnerability that may allow remote attackers to gain access to sensitive information from allocated memory. This issue is attributed to improper handling of heap memory, which does not adequately clear sensitive data, leading to potential data breaches. Users of affected versions should apply recommended patches to mitigate this risk.

Affected Version(s)

Concert 1.0.0 <= 2.1.0

References

https://www.ibm.com/support/pages/node/7257006

vendor-advisorypatch

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 20, 2026
Vulnerability Reserved
Feb 26, 2025

JSON