Lucene search
K

323 matches found

NVD
NVD
added 6 days ago6 views

CVE-2025-36333

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to perform unauthorized actions due to the improper enforcement of behavioral workflow...

4.3CVSS0.00277EPSS
Exploits0References1
NVD
NVD
added 6 days ago6 views

CVE-2025-36321

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

5.7CVSS0.00398EPSS
Exploits0References1
NVD
NVD
added 6 days ago6 views

CVE-2025-12530

IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 through patch-1 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...

5.9CVSS0.00203EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2025-210384

IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 through patch-1 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...

5.9CVSS5.8AI score0.00203EPSS
Exploits0References1
CVE
CVE
added 6 days ago9 views

CVE-2025-36319

CVE-2025-36319 affects IBM watsonx.data intelligence versions 5.2.0, 5.2.1, 5.2.2, and 5.3.0. The issue allows an authenticated user to trigger a temporary denial of service via a specially crafted HTTP request caused by improper allocation of resource throttling. The connected data sources do no...

4.3CVSS5.8AI score0.00422EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2025-210382

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

6.4CVSS5.5AI score0.00251EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago5 views

EUVD-2025-210380

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.5AI score0.00226EPSS
Exploits0References1
CVE
CVE
added 6 days ago11 views

CVE-2025-36327

CVE-2025-36327 affects IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, and 5.3.0. An authenticated user can bypass security controls and perform unauthorized actions due to client-side enforcement of server-side security. The issue is described as a failure of client-side controls to enforce s...

6.5CVSS5.8AI score0.00375EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago30 views

CVE-2025-36328 Error Message Containing Sensitive Information found in Watson Data Intelligence

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

4.3CVSS0.00359EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 6 days ago4 views

PT-2026-53981

Name of the Vulnerable Software and Affected Versions IBM watsonx.data intelligence versions 5.2.0 through 5.3.0 Description An authenticated user can perform unauthorized actions because of improper enforcement of the behavioral workflow. Recommendations At the moment, there is no information...

4.3CVSS5.9AI score0.00277EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 1:49 p.m.3 views

Security Bulletin: Vulnerability in Java SE affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Java SE has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...

7.5CVSS6.5AI score0.00864EPSS
Exploits1Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/22 1:20 p.m.3 views

Security Bulletin: Vulnerability in Lodash affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Lodash has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...

8.2CVSS6.5AI score0.01535EPSS
Exploits0Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/12 11:1 a.m.12 views

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate Developer Edition version 2.11.0 Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects is an open source, drop-in replacement for Node's http and https modules that automatically follows redirects. Prior...

9.3CVSS5.2AI score0.00838EPSS
Exploits3Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.9 views

CVE-2025-36180

IBM watsonx.data 2.2 through 2.3 IBM Lakehouse does not properly restrict communication between pods which could allow an attacker to transfer data between pods without restrictions...

7.5CVSS5.4AI score0.00186EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.9 views

CVE-2025-36335

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.3.0, 5.3.1 stores user credentials in plain text which can be read by a local user...

6.2CVSS5.4AI score0.00093EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.9 views

CVE-2025-36145

IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker to transfer or modify files without restrictions...

5.4CVSS5.5AI score0.00166EPSS
Exploits0References1
NVD
NVD
added 2026/05/26 5:16 p.m.10 views

CVE-2025-36145

IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker to transfer or modify files without restrictions...

5.4CVSS0.00166EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.12 views

PT-2026-43280

IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker to transfer or modify files without restrictions...

5.4CVSS5.8AI score0.00166EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/18 6:56 a.m.10 views

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate with watsonx Assistant Cartridge version 5.3.2 Vulnerability Details CVEID:CVE-2026-24398 DESCRIPTION: Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.11.7, IP...

8.8CVSS7.1AI score0.01535EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 2:26 p.m.6 views

Security Bulletin: Vulnerability in Elasticsearch PKI realm affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Elasticsearch PKI realm has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional...

7.4CVSS5.7AI score0.0016EPSS
Exploits0Affected Software2
Rows per page
Query Builder