CVE-2025-36059 Multiple security vulnerabilities are addressed in IBM Business Automation Workflow Containers fixes December 2025

🗓️ 20 Jan 2026 15:07:46Reported by ibmType

CVE-2025-36059 fixes vulnerabilities in IBM Business Automation Workflow Containers; local users could execute operating system calls.

Reporter	Title	Published	Views	Family All 11
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed in IBM Business Automation Workflow Containers fixes December 2025	12 Jan 202615:11	–	ibm
ATTACKERKB	CVE-2025-36059	20 Jan 202615:07	–	attackerkb
Circl	CVE-2025-36059	20 Jan 202622:21	–	circl
CNNVD	IBM Business Automation Workflow security vulnerabilities	20 Jan 202600:00	–	cnnvd
CVE	CVE-2025-36059	20 Jan 202615:07	–	cve
EUVD	EUVD-2026-3358	20 Jan 202615:07	–	euvd
NVD	CVE-2025-36059	20 Jan 202616:16	–	nvd
OSV	CVE-2025-36059	20 Jan 202616:16	–	osv
Positive Technologies	PT-2026-3586	20 Jan 202600:00	–	ptsecurity
RedhatCVE	CVE-2025-36059	21 Jan 202615:27	–	redhatcve

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:business_automation_workflow_containers:25.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:business_automation_workflow_containers:25.0.0:interim_fix_002:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:business_automation_workflow_containers:24.0.1:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:business_automation_workflow_containers:24.0.1:interim_fix_005:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:business_automation_workflow_containers:24.0.0:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:business_automation_workflow_containers:24.0.0:interim_fix_006:*:*:*:*:*:*"
    ],
    "product": "Business Automation Workflow containers",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "25.0.0 Interim Fix 002",
        "status": "affected",
        "version": "25.0.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "24.0.1 Interim Fix 005",
        "status": "affected",
        "version": "24.0.1",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "24.0.0 Interim Fix 006",
        "status": "affected",
        "version": "24.0.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7256777

20 Jan 2026 15:07Current

CVSS 3.14.7

EPSS0.0002

CWE-250