[Japanese]

JVNDB-2026-003906

Multiple Vulnerabilities in Cosminexus

Overview

Cosminexus Developer's Kit for Java(TM) and Hitachi Developer's Kit for Java contain the following vulnerabilities:

CVE-2026-21925, CVE-2026-21932, CVE-2026-21933, CVE-2026-21945
CVSS Severity (What is CVSS?)

Affected Products


Hitachi, Ltd
  • Hitachi Application Server Windows 10-10 - 10-10-04
  • Hitachi Application Server Windows(x64) 10-10 - 10-11-05
  • Hitachi Application Server Linux 10-11 - 10-11-04
  • Hitachi Application Server for Developers Windows 10-10 - 10-10-04
  • Hitachi Application Server for Developers Windows(x64) 10-10 - 10-11-05
  • Hitachi Application Server for Developers Linux 10-11 - 10-11-04
  • uCosminexus Application Runtime with Java for Apache Tomcat Windows(x64) 01-20
  • uCosminexus Application Runtime with Java for Apache Tomcat Linux 01-00 - 01-20
  • uCosminexus Application Runtime with Java for Spring Boot Windows(x64) 01-20
  • uCosminexus Application Runtime with Java for Spring Boot Linux 01-00 - 01-20
  • uCosminexus Application Server Windows(x64) 11-00 - 11-70
  • uCosminexus Application Server Linux 11-00 - 11-60
  • uCosminexus Application Server AIX 11-00 - 11-00-02
  • uCosminexus Application Server Windows 09-70 - 09-70-02
  • uCosminexus Application Server Windows(x64) 09-70 - 09-87
  • uCosminexus Application Server Linux 09-70 - 09-87-01
  • uCosminexus Application Server AIX 09-70 - 09-70-02
  • uCosminexus Application Server(64) Windows(x64) 11-00 - 11-70
  • uCosminexus Application Server(64) Linux 11-00 - 11-60
  • uCosminexus Application Server(64) AIX 11-00 - 11-00-02
  • uCosminexus Application Server(64) Windows 09-70 - 09-70-02
  • uCosminexus Application Server(64) Windows(x64) 09-70 - 09-87
  • uCosminexus Application Server(64) Linux 09-70 - 09-87-01
  • uCosminexus Application Server(64) AIX 09-70 - 09-70-02
  • uCosminexus Application Server-R Windows(x64) 11-00 - 11-70
  • uCosminexus Application Server-R Linux 11-00 - 11-60
  • uCosminexus Application Server-R AIX 11-00 - 11-00-02
  • uCosminexus Application Server-R Windows 09-70 - 09-70-02
  • uCosminexus Application Server-R Windows(x64) 09-70 - 09-87
  • uCosminexus Application Server-R Linux 09-70 - 09-87-01
  • uCosminexus Application Server-R AIX 09-70 - 09-70-02
  • uCosminexus Client Windows(x64) 11-00 - 11-70
  • uCosminexus Client Linux 11-00 - 11-60
  • uCosminexus Client AIX 11-00 - 11-00-02
  • uCosminexus Client Windows 09-70 - 09-70-02
  • uCosminexus Client Windows(x64) 09-70 - 09-87
  • uCosminexus Client Linux 09-70 - 09-87-01
  • uCosminexus Client AIX 09-70 - 09-70-02
  • uCosminexus Developer Windows(x64) 11-00 - 11-70
  • uCosminexus Developer Linux 11-00 - 11-60
  • uCosminexus Developer AIX 11-00 - 11-00-02
  • uCosminexus Developer Windows 09-70 - 09-70-02
  • uCosminexus Developer Windows(x64) 09-70 - 09-87
  • uCosminexus Developer Linux 09-70 - 09-87-01
  • uCosminexus Developer AIX 09-70 - 09-70-02
  • uCosminexus Operator for Service Platform Windows 09-70 - 09-70-02
  • uCosminexus Operator for Service Platform Windows(x64) 09-70 - 09-87
  • uCosminexus Operator for Service Platform Linux 09-70 - 09-87-01
  • uCosminexus Operator for Service Platform AIX 09-70 - 09-70-02
  • uCosminexus Primary Server Base Windows(x64) 11-00 - 11-70
  • uCosminexus Primary Server Base Linux 11-00 - 11-60
  • uCosminexus Primary Server Base AIX 11-00 - 11-00-02
  • uCosminexus Primary Server Base Windows 09-70 - 09-70-02
  • uCosminexus Primary Server Base Windows(x64) 09-70 - 09-87
  • uCosminexus Primary Server Base Linux 09-70 - 09-87-01
  • uCosminexus Primary Server Base AIX 09-70 - 09-70-02
  • uCosminexus Primary Server Base(64) Windows(x64) 11-00 - 11-70
  • uCosminexus Primary Server Base(64) Linux 11-00 - 11-60
  • uCosminexus Primary Server Base(64) AIX 11-00 - 11-00-02
  • uCosminexus Primary Server Base(64) Windows 09-70 - 09-70-02
  • uCosminexus Primary Server Base(64) Windows(x64) 09-70 - 09-87
  • uCosminexus Primary Server Base(64) Linux 09-70 - 09-87-01
  • uCosminexus Primary Server Base(64) AIX 09-70 - 09-70-02
  • uCosminexus Service Architect Windows(x64) 11-00 - 11-70
  • uCosminexus Service Architect Linux 11-00 - 11-60
  • uCosminexus Service Architect AIX 11-00 - 11-00-02
  • uCosminexus Service Architect Windows 09-70 - 09-70-02
  • uCosminexus Service Architect Windows(x64) 09-70 - 09-87
  • uCosminexus Service Architect Linux 09-70 - 09-87-01
  • uCosminexus Service Architect AIX 09-70 - 09-70-02
  • uCosminexus Service Platform Windows(x64) 11-00 - 11-70
  • uCosminexus Service Platform Linux 11-00 - 11-60
  • uCosminexus Service Platform AIX 11-00 - 11-00-02
  • uCosminexus Service Platform Windows 09-70 - 09-70-02
  • uCosminexus Service Platform Windows(x64) 09-70 - 09-87
  • uCosminexus Service Platform Linux 09-70 - 09-87-01
  • uCosminexus Service Platform AIX 09-70 - 09-70-02
  • uCosminexus Service Platform(64) Windows(x64) 11-00 - 11-70
  • uCosminexus Service Platform(64) Linux 11-00 - 11-60
  • uCosminexus Service Platform(64) AIX 11-00 - 11-00-02
  • uCosminexus Service Platform(64) Windows 09-70 - 09-70-02
  • uCosminexus Service Platform(64) Windows(x64) 09-70 - 09-87
  • uCosminexus Service Platform(64) Linux 09-70 - 09-87-01
  • uCosminexus Service Platform(64) AIX 09-70 - 09-70-02

Please refer to Vendor Information for more details.
Impact

Regarding the impact of the vulnerability, please refer to the vendor advisory.
Solution

Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action.
Vendor Information

Hitachi, Ltd
CWE (What is CWE?)

CVE (What is CVE?)

  1. CVE-2026-21925
  2. CVE-2026-21932
  3. CVE-2026-21933
  4. CVE-2026-21945
References

Revision History

  • [2026/02/17]
      Web page was published