High severity8.8NVD Advisory· Published May 27, 2026· Updated Jun 5, 2026
CVE-2026-8179
CVE-2026-8179
Description
IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could allow an authenticated user to execute arbitrary code on the system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:ibm:aspera_high-speed_transfer_endpoint:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:ibm:aspera_high-speed_transfer_endpoint:*:*:*:*:*:*:*:*range: >=3.7.4,<=4.4.6
- cpe:2.3:a:ibm:aspera_high-speed_transfer_endpoint:4.4.7:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:aspera_high-speed_transfer_endpoint:4.4.7:fixpack1:*:*:*:*:*:*
- cpe:2.3:a:ibm:aspera_high-speed_transfer_server:*:*:*:*:*:*:*:*range: >=3.7.4,<=4.4.6
- cpe:2.3:a:ibm:aspera_high-speed_transfer_server:4.4.7:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:aspera_high-speed_transfer_server:4.4.7:fixpack1:*:*:*:*:*:*
- (no CPE)range: 3.7.4 through 4.4.7 Fix Pack 1
- (no CPE)range: 3.7.4 through 4.4.7 Fix Pack 1
Patches
Vulnerability mechanics
References
1- www.ibm.com/support/pages/node/7273615nvdVendor Advisory
News mentions
1- IBM's May 2026 Patch Dump: 25 CVEs Span Aspera, Db2, Langflow, and MoreVypr Intelligence · May 27, 2026