CVE-2025-36183

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-36183
IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a privileged user to upload malicious files that could be executed server to modify limited files or data.

3.8 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://www.ibm.com/support/pages/node/7260118 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:watsonx.data:*:*:*:*:*:*:*:*
History

20 Feb 2026, 17:57

Type Values Removed Values Added
CPE cpe:2.3:a:ibm:watsonx.data:*:*:*:*:*:*:*:*
First Time Ibm
Ibm watsonx.data
References () https://www.ibm.com/support/pages/node/7260118 - () https://www.ibm.com/support/pages/node/7260118 - Vendor Advisory

18 Feb 2026, 17:51

Type Values Removed Values Added
Summary
  • (es) IBM watsonx.data 2.2 a 2.2.1 IBM Lakehouse podría permitir a un usuario con privilegos subir archivos maliciosos que podrían ser ejecutados en el servidor para modificar archivos o datos limitados.

17 Feb 2026, 22:18

Type Values Removed Values Added
New CVE
Information

Published : 2026-02-17 22:18

Updated : 2026-02-20 17:57

NVD link : CVE-2025-36183

Mitre link : CVE-2025-36183

CVE.ORG link : CVE-2025-36183

JSON object : View

Products Affected

ibm

  • watsonx.data
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type