Available patches for watsonx.data intelligence on IBM Software Hub Version 5.3.1

Patches address known issues and security vulnerabilities. The patches in this topic can be applied to IBM Software Hub Version 5.3.1.

Patches are cumulative. If a fix is delivered in a patch, the fix is included in all subsequent patches.

The latest patches are defined in the patch-5.3.1.yaml file, which is available in the IBM/software-hub repository on GitHub.

In this topic, available patches are listed in reverse chronological order so that the most recent patch is at the beginning of the topic.

Applying patches

By default, the latest patches are automatically applied to your environment when you install or upgrade an instance of IBM Software Hub.

You can see which patches are installed on your environment by running the cpd-cli manage list-deployed-components command.

If you want to apply newer patches to your environment, see Applying patches to IBM Software Hub.

Related patches

watsonx.data intelligence has a dependency on the following components. Check the available patches for each component to see if your environment will be affected.

Component name	Component ID	More information
Analytics Engine powered by Apache Spark	`analyticsengine`	Available patches for Analytics Engine powered by Apache Spark on IBM Software Hub Version 5.3.1
Common core services	`ccs`	Available patches for common core services on IBM Software Hub Version 5.3.1
Data Refinery	`datarefinery`	Available patches for Data Refinery on IBM Software Hub Version 5.3.1
Neo4j	`ibm_neo4j`	Available patches for Neo4j on IBM Software Hub Version 5.3.1
Redis	`ibm_redis_cp`	Available patches for Redis on IBM Software Hub Version 5.3.1
OpenSearch	`opencontent_opensearch`	Available patches for OpenSearch on IBM Software Hub Version 5.3.1
Inference foundation models	`watsonx_ai_ifm`	Available patches for Inference foundation models on IBM Software Hub Version 5.3.1
IBM Knowledge Catalog	`wkc`	Available patches for IBM Knowledge Catalog on IBM Software Hub Version 5.3.1

Patch 5

Release date: 2026-05-20

This patch contains updates for the following components:

watsonx.data intelligence (watsonx_dataintelligence): Version: 2.3.15
DataStage (datastage_ent): Version: 5.3.4
IBM Manta Data Lineage (datalineage): Version: 5.3.15
IBM Knowledge Catalog Premium (ikc_premium): Version: 5.3.15
Data Product Hub (dataproduct): Version: 5.3.15

Security issues fixed in this patch

This patch addresses the following Common Vulnerabilities and Exposures (CVE) for the following components:

watsonx.data intelligence (watsonx_dataintelligence)

CVE-2026-0603, CVE-2026-0994, CVE-2026-1502, CVE-2026-4786, CVE-2026-4878, CVE-2026-5435, CVE-2026-5450, CVE-2026-5713, CVE-2026-5795, CVE-2026-5928, CVE-2026-6019, CVE-2026-6100, CVE-2026-6732, CVE-2026-22007, CVE-2026-22013, CVE-2026-22016, CVE-2026-22018, CVE-2026-22020, CVE-2026-22021, CVE-2026-22746, CVE-2026-22748, CVE-2026-22751, CVE-2026-28386, CVE-2026-28387, CVE-2026-28388, CVE-2026-28389, CVE-2026-31789, CVE-2026-32316, CVE-2026-32952, CVE-2026-33947, CVE-2026-33948, CVE-2026-34268, CVE-2026-34282, CVE-2026-34477, CVE-2026-34478, CVE-2026-34480, CVE-2026-34481, CVE-2026-34757, CVE-2026-39956, CVE-2026-39979, CVE-2026-40164, CVE-2026-40355, CVE-2026-40356, CVE-2026-41035, CVE-2026-41079, CVE-2026-41080, CVE-2026-41254, CVE-2026-41305, CVE-2026-41602, CVE-2026-41603, CVE-2026-41604, CVE-2026-41605, CVE-2026-41606, CVE-2026-41607, CVE-2026-41650, CVE-2026-41989, CVE-2026-41990, CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043, CVE-2026-42044

CVE-2025-0312, CVE-2025-0315, CVE-2025-0317, CVE-2025-1975, CVE-2025-48431, CVE-2025-51471, CVE-2025-63389

CVE-2024-8063, CVE-2024-12055, CVE-2024-12886

DataStage (datastage_ent)

CVE-2026-4800, CVE-2026-5598, CVE-2026-40175, CVE-2026-41650

IBM Manta Data Lineage (datalineage)

CVE-2026-1525, CVE-2026-1526, CVE-2026-1528, CVE-2026-2229, CVE-2026-4424, CVE-2026-4519, CVE-2026-4800, CVE-2026-4867, CVE-2026-5121, CVE-2026-21710, CVE-2026-25547, CVE-2026-26996, CVE-2026-27135, CVE-2026-27904, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32285, CVE-2026-32288, CVE-2026-32289, CVE-2026-33762, CVE-2026-33809, CVE-2026-33810, CVE-2026-33870, CVE-2026-33871, CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896, CVE-2026-34043, CVE-2026-34073, CVE-2026-34085, CVE-2026-34165, CVE-2026-34986, CVE-2026-39883, CVE-2026-39892

CVE-2025-10158, CVE-2025-13465, CVE-2025-59464, CVE-2025-62718, CVE-2025-67030

CVE-2023-38552, CVE-2023-45143

IBM Knowledge Catalog Premium (ikc_premium)

CVE-2025-10158, CVE-2025-13465, CVE-2025-59464, CVE-2025-62718, CVE-2025-67030

CVE-2023-38552, CVE-2023-45143

Data Product Hub (dataproduct)

CVE-2026-1525, CVE-2026-1526, CVE-2026-1528, CVE-2026-2229, CVE-2026-4424, CVE-2026-5121, CVE-2026-21710, CVE-2026-25547, CVE-2026-26996, CVE-2026-27135, CVE-2026-27904, CVE-2026-33671, CVE-2026-33762, CVE-2026-33817, CVE-2026-33997, CVE-2026-34165, CVE-2026-34477, CVE-2026-34478, CVE-2026-34480, CVE-2026-34986, CVE-2026-39883, CVE-2026-39892, CVE-2026-40175, CVE-2026-41305, CVE-2026-41672, CVE-2026-41673, CVE-2026-41674, CVE-2026-41675

CVE-2025-62718

Known issues fixed in this patch

This patch addresses the following Known Issues:

DataStage (datastage_ent)

Fixed an issue where the Storage volume connector did not preserve full microsecond precision for timestamp values when reading files, resulting in loss of trailing zeros.
Fixed an issue where decimal values were truncated or rounded to two decimal places instead of retaining their original scale and precision, including trailing zeros.

IBM Manta Data Lineage (datalineage)

DT470414: PowerBI Lineage Import Fails with Missing Authentication Properties

Other issues fixed in this patch

This patch includes fixes for the following issues:

DataStage (datastage_ent)

Fixed an issue where properties were removed from the node parameters when editing the web service node in the canvas.
Fixed an issue where run metrics were missing for newly created pipeline jobs.
Fixed long load times and browser unresponsiveness when opening Transformer stages with 300 or more columns.
Fixed ELT pushdown jobs defaulting to password authentication instead of using configured key pair credentials (AUTH_METHOD and PRIVATE_KEY).
Fixed an issue where the keystore password was exposed in Optimize Runner logs in GMC 5.3.1 and cloud environments.
Fixed masking of encrypted strings in Optimize Runner logs.
Fixed an issue where Data Service jobs remained in Starting or Running status.
Fixed inconsistencies between the LocalFS and Sequential File connectors.
Fixed Oracle Database connector input stage to support metadata browsing and data preview for tables containing XMLType or LOB columns.
Added the Before/after sql read from file function in the following connectors: Greenplum, Informix, Oracle, PostgreSQL, Presto, Snowflake, Teradata.

Patch 4

Release date: 2026-05-06

This patch contains updates for the following components:

DataStage (datastage_ent): Version: 5.3.3

Security issues fixed in this patch

This patch addresses the following Common Vulnerabilities and Exposures (CVE) for the following components:

DataStage (datastage_ent): CVE-2026-33870, CVE-2026-33871

Other issues fixed in this patch

This patch includes fixes for the following issues:

DataStage (datastage_ent)

Fixed job migration issues between the LocalFS connector in 11.7.x DataStage and the Sequential file connector in the modern DataStage.

Patch 3

Release date: 2026-04-22

This patch contains updates for the following components:

watsonx.data intelligence (watsonx_dataintelligence): Version: 2.3.13
Data Product Hub (dataproduct): Version: 5.3.13
DataStage (datastage_ent): Version: 5.3.2
IBM Knowledge Catalog Premium (ikc_premium): Version: 5.3.13
IBM Manta Data Lineage (datalineage): Version: 5.3.13

Security issues fixed in this patch

This patch addresses the following Common Vulnerabilities and Exposures (CVE) for the following components:

watsonx.data intelligence (watsonx_dataintelligence)

CVE-2026-0540, CVE-2026-0861, CVE-2026-0915, CVE-2026-1299, CVE-2026-2003, CVE-2026-2004, CVE-2026-2005, CVE-2026-2006, CVE-2026-3293, CVE-2026-3713, CVE-2026-21637, CVE-2026-22184, CVE-2026-22795, CVE-2026-22796, CVE-2026-24281, CVE-2026-24308, CVE-2026-24733, CVE-2026-24842, CVE-2026-25934, CVE-2026-27139, CVE-2026-27141, CVE-2026-27199, CVE-2026-27205, CVE-2026-27601, CVE-2026-27942, CVE-2026-28338, CVE-2026-29063, CVE-2026-29074, CVE-2026-29786

CVE-2025-6176, CVE-2025-9820, CVE-2025-14009, CVE-2025-14104, CVE-2025-14831, CVE-2025-15281, CVE-2025-15366, CVE-2025-15367, CVE-2025-15467, CVE-2025-15468, CVE-2025-15599, CVE-2025-55130, CVE-2025-55131, CVE-2025-55132, CVE-2025-59465, CVE-2025-59466, CVE-2025-66199, CVE-2025-66614, CVE-2025-67721, CVE-2025-68160, CVE-2025-68161, CVE-2025-69418, CVE-2025-69419, CVE-2025-69420, CVE-2025-69421

Data Product Hub (dataproduct)

CVE-2026-1525, CVE-2026-1526, CVE-2026-1527, CVE-2026-1528, CVE-2026-2229, CVE-2026-2581, CVE-2026-25645, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-27699, CVE-2026-30922, CVE-2026-31802, CVE-2026-32141, CVE-2026-33036, CVE-2026-33151, CVE-2026-33186, CVE-2026-33228, CVE-2026-33349, CVE-2026-33671, CVE-2026-33672, CVE-2026-33762, CVE-2026-33870, CVE-2026-33871, CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896, CVE-2026-33997, CVE-2026-34040, CVE-2026-34165, CVE-2026-34601

CVE-2025-9820, CVE-2025-14831

DataStage (datastage_ent)

CVE-2025-68121

IBM Knowledge Catalog Premium (ikc_premium)

CVE-2025-6176, CVE-2025-9820, CVE-2025-14009, CVE-2025-14104, CVE-2025-14831, CVE-2025-15281, CVE-2025-15366, CVE-2025-15367, CVE-2025-15467, CVE-2025-15468, CVE-2025-15599, CVE-2025-55130, CVE-2025-55131, CVE-2025-55132, CVE-2025-59250, CVE-2025-59465, CVE-2025-59466, CVE-2025-66199, CVE-2025-66614, CVE-2025-67721, CVE-2025-68160, CVE-2025-68161, CVE-2025-69418, CVE-2025-69419, CVE-2025-69420, CVE-2025-69421

IBM Manta Data Lineage (datalineage)

CVE-2025-6176, CVE-2025-9820, CVE-2025-14009, CVE-2025-14104, CVE-2025-14831, CVE-2025-15281, CVE-2025-15366, CVE-2025-15367, CVE-2025-15467, CVE-2025-15468, CVE-2025-15599, CVE-2025-55130, CVE-2025-55131, CVE-2025-55132, CVE-2025-59250, CVE-2025-59465, CVE-2025-59466, CVE-2025-66199, CVE-2025-66614, CVE-2025-67721, CVE-2025-68160, CVE-2025-68161, CVE-2025-69418, CVE-2025-69419, CVE-2025-69420, CVE-2025-69421

Patch 2

No watsonx.data intelligence patches were included in this patch.

Patch 1

Release date: 2026-03-24

Version: 2.3.11

Security issues fixed in this patch

This patch addresses the following Common Vulnerabilities and Exposures (CVE):

CVE-2026-21925, CVE-2026-21932, CVE-2026-21933, CVE-2026-21945, CVE-2026-23745, CVE-2026-23897, CVE-2026-25128, CVE-2026-25639

CVE-2025-9086, CVE-2025-11187, CVE-2025-12084, CVE-2025-13836, CVE-2025-15469, CVE-2025-21605, CVE-2025-22234, CVE-2025-32023, CVE-2025-46817, CVE-2025-46818, CVE-2025-46819, CVE-2025-48367, CVE-2025-49844, CVE-2025-50537, CVE-2025-68157, CVE-2025-68458

CVE-2024-31228, CVE-2024-31449

CVE-2023-25155, CVE-2023-28856, CVE-2023-45145

CVE-2022-3647, CVE-2022-24735, CVE-2022-24736, CVE-2022-24834, CVE-2022-36021

CVE-2021-3470, CVE-2021-31294, CVE-2021-32626, CVE-2021-32672, CVE-2021-32761

CVE-2020-14147

CVE-2019-10192, CVE-2019-10193

CVE-2018-11218, CVE-2018-11219, CVE-2018-12326, CVE-2018-12453

CVE-2016-8339, CVE-2016-10517

CVE-2013-7458