What is CVE-2025-36106?

CVE-2025-36106 is a medium-severity vulnerability in Ibm Cognos Analytics Mobile, classified under Inadequate Encryption Strength. CVSS score: 6.5/10. Published 2025-07-21.

How severe is CVE-2025-36106?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Ibm Cognos Analytics Mobile

CVE-2025-36106

IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to view and modify information coming to and from the application which could then be used to access confidential information on the device or network by u…

EPSS: 0.001 (28.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N.

Affected products

Ibm Cognos Analytics Mobile — versions 1.1.0

Weakness classification (CWE)

CWE-326 — Inadequate Encryption Strength

References

www.ibm.com/support/pages/node/7239635 (vendor-advisory, patch)

Frequently asked questions

What is CVE-2025-36106?: CVE-2025-36106 is a medium-severity vulnerability in Ibm Cognos Analytics Mobile, classified under Inadequate Encryption Strength. CVSS score: 6.5/10. Published 2025-07-21.
How severe is CVE-2025-36106?: Medium severity. CVSS v3 base score is 6.5 out of 10.