Ibm Watsonx.data
9 CVEs affecting Ibm Watsonx.data. Latest disclosed: 2026-05-26. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-36140 | Medium | 6.5 | 2025-12-08 | IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user to cause a denial of service through ingestion pods due to improper allocation of resource… |
CVE-2025-36335 | Medium | 6.2 | 2026-04-30 | IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.3.0, 5.3.1 stores user credentials in plain text which can be read by a local user. |
CVE-2025-36139 | Medium | 5.5 | 2025-09-18 | IBM Lakehouse (watsonx.data 2.2) is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code i… |
CVE-2025-36145 | Medium | 5.4 | 2026-05-26 | IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker to transfer or modif… |
CVE-2025-36180 | Medium | 5.3 | 2026-04-30 | IBM watsonx.data 2.2 through 2.3 IBM Lakehouse does not properly restrict communication between pods which could allow an attacker to transfer data between pod… |
CVE-2025-36143 | Medium | 4.7 | 2025-09-18 | IBM Lakehouse (watsonx.data 2.2) could allow an authenticated privileged user to execute arbitrary commands on the system due to improper validation of user su… |
CVE-2025-36146 | Medium | 4.3 | 2025-09-18 | IBM Lakehouse (watsonx.data 2.2) could allow an authenticated user to obtain sensitive server component version information which could aid in further attacks… |
CVE-2025-36183 | Low | 3.8 | 2026-02-17 | IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a privileged user to upload malicious files that could be executed server to modify limited files… |
CVE-2025-36144 | Low | 3.3 | 2025-09-27 | IBM Lakehouse (watsonx.data 2.2) stores potentially sensitive information in log files that could be read by a local user. |