CVE-2025-36072

🗓️ 20 Nov 2025 22:09:42Reported by ibmType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 11 Views

Authenticated user can execute arbitrary code via deserialization of untrusted objects in webMethods.

Reporter	Title	Published	Views	Family All 9
IBM Security Bulletins	Security Bulletin: IBM webMethods Integration (on prem) is affected by arbitrary code execution	8 Dec 202517:13	–	ibm
Circl	CVE-2025-36072	24 Jan 202622:44	–	circl
CNNVD	IBM webMethods Integration 代码问题漏洞	20 Nov 202500:00	–	cnnvd
Cvelist	CVE-2025-36072 IBM webMethods Integration Deserialization	20 Nov 202522:09	–	cvelist
EUVD	EUVD-2025-198374	21 Nov 202500:30	–	euvd
NVD	CVE-2025-36072	20 Nov 202523:15	–	nvd
Positive Technologies	PT-2025-47639	20 Nov 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-36072	21 Nov 202522:35	–	redhatcve
Vulnrichment	CVE-2025-36072 IBM webMethods Integration Deserialization	20 Nov 202522:09	–	vulnrichment

NVD

Vulners

Node

ibm webmethods_integrationMatch10.11-

ibm webmethods_integrationMatch10.11core_fix22

ibm webmethods_integrationMatch10.15-

ibm webmethods_integrationMatch10.15core_fix22

ibm webmethods_integrationMatch11.1-

ibm webmethods_integrationMatch11.1core_fix6

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:webmethods_integration:10.11:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:webmethods_integration:10.11:Core_Fix22:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:webmethods_integration:10.15:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:webmethods_integration:10.15:Core_Fix22:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:webmethods_integration:11.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:webmethods_integration:11.1:Core_Fix6:*:*:*:*:*:*"
    ],
    "product": "webMethods Integration",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "10.11_Core_Fix22",
        "status": "affected",
        "version": "10.11",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "10.15_Core_Fix22",
        "status": "affected",
        "version": "10.15",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "11.1_Core_Fix6",
        "status": "affected",
        "version": "11.1",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7252090

15 Dec 2025 14:44Current

7.3High risk

Vulners AI Score7.3

CVSS 3.18.8

EPSS0.0071

SSVC

CWE-502