What is CVE-2025-12755?

CVE-2025-12755 is a medium-severity vulnerability in Ibm Mq Operator, classified under Improper Output Neutralization for Logs. CVSS score: 4.0/10. Published 2026-02-17.

How severe is CVE-2025-12755?

Medium severity. CVSS v3 base score is 4.0 out of 10.

Vulnerability in Ibm Mq Operator

CVE-2025-12755

IBM MQ Operator (SC2 v3.2.0–3.8.1, LTS v2.0.0–2.0.29) and IBM‑supplied MQ Advanced container images (across affected SC2, CD, and LTS 9.3.x–9.4.x releases) contain a vulnerability where log messages are not properly neutralized before bein…

EPSS: 0.000 (4.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.0 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N.

Affected products

Ibm Mq Operator — versions SC2: v3.2.0, CD: v3.3.0, LTS: v2.0.0
Ibm Supplied Mq Advanced Container Images — versions SC2: 9.4.0.6

Weakness classification (CWE)

CWE-117 — Improper Output Neutralization for Logs

References

www.ibm.com/support/pages/node/7260087 (vendor-advisory, patch)

Frequently asked questions

What is CVE-2025-12755?: CVE-2025-12755 is a medium-severity vulnerability in Ibm Mq Operator, classified under Improper Output Neutralization for Logs. CVSS score: 4.0/10. Published 2026-02-17.
How severe is CVE-2025-12755?: Medium severity. CVSS v3 base score is 4.0 out of 10.