CVE-2025-36183

IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a privileged user to upload malicious files that could be executed server to modify limited files or data.

CVSS v3 3.8 LOW

3.8^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://www.ibm.com/support/pages/node/7260118	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:watsonx.data:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2026-02-17 22:18

Updated : 2026-02-20 17:57

NVD link : CVE-2025-36183

Mitre link : CVE-2025-36183

CVE.ORG link : CVE-2025-36183

JSON object : View

Products Affected

ibm

watsonx.data

CWE

CWE-434

Unrestricted Upload of File with Dangerous Type

3.8 /10