IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera H…

IBM Aspera High-Speed Transfer Endpoint and Server versions 3.7.4 through 4.4.7 Fix Pack 1 are affected by a buffer overflow vulnerability in the asperahttpd component. The vulnerability is identified as CVE-2026-8175 and could be exploited to cause denial of service attacks. More critically, the flaw potentially allows authentication bypass and remote code execution. The vulnerability affects both the Endpoint and Server variants of IBM's high-speed file transfer solution. IBM has acknowledged the issue and provided advisory information through their support pages.