EUVD-2025-26269

🗓️ 18 Dec 2025 18:30:28Reported by EUVDType

SQL injection vulnerability in IBM watsonx Orchestrate Cartridge for Cloud Pak Data 4.8.4–5.2.0 allows remote attackers to view, modify, or delete data.

Reporter	Title	Published	Views	Family All 10
IBM Security Bulletins	Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in Blind SQL Injection	29 Aug 202519:17	–	ibm
Circl	CVE-2025-0165	31 Aug 202503:01	–	circl
CNNVD	IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data SQL注入漏洞	30 Aug 202500:00	–	cnnvd
CVE	CVE-2025-0165	30 Aug 202512:47	–	cve
Cvelist	CVE-2025-0165 IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data SQL injection	30 Aug 202512:47	–	cvelist
NVD	CVE-2025-0165	30 Aug 202513:15	–	nvd
OSV	CVE-2025-0165	30 Aug 202513:15	–	osv
Positive Technologies	PT-2025-35358	30 Aug 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-0165	1 Sep 202513:17	–	redhatcve
Vulnrichment	CVE-2025-0165 IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data SQL injection	30 Aug 202512:47	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "918bc169-3bab-364e-9cbe-80df3de32fa4",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "10d88888-767a-3e40-9e50-79260b9548ba",
        "product": {
          "name": "watsonx Orchestrate Cartridge for IBM Cloud Pak for Data"
        },
        "product_version": "5.0.0 ≤5.2.0"
      },
      {
        "id": "41ae4873-a7c7-3e89-a691-795af37567ba",
        "product": {
          "name": "watsonx Orchestrate Cartridge for IBM Cloud Pak for Data"
        },
        "product_version": "4.8.4 ≤4.8.5"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7243596
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-0165

18 Dec 2025 18:30Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.17.6 - 9.8

EPSS0.00107

SSVC