Medium severity4.0NVD Advisory· Published Mar 25, 2026· Updated Mar 31, 2026

CVE-2025-14684

Description

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files.

Affected products

IBM/Maximo Application Suite
cpe:2.3:a:ibm:maximo_application_suite:*:*:*:*:*:*:*:*
Range: >=8.10,<8.10.26

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ibm.com/support/pages/node/7267481nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000