Every CVE whose affected-product data names Ibm Watsonx.data, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2025-36140 — CVSS 6.5 (medium): IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user to cause a denial of service through ingestion pods due to improper…
CVE-2025-36335 — CVSS 6.2 (medium): IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.3.0, 5.3.1 stores user credentials in plain text which can be read by a local user.
CVE-2025-36139 — CVSS 5.5 (medium): IBM Lakehouse (watsonx.data 2.2) is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed…
CVE-2025-36145 — CVSS 5.4 (medium): IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker…
CVE-2025-36180 — CVSS 5.3 (medium): IBM watsonx.data 2.2 through 2.3 IBM Lakehouse does not properly restrict communication between pods which could allow an attacker to…
CVE-2025-36143 — CVSS 4.7 (medium): IBM Lakehouse (watsonx.data 2.2) could allow an authenticated privileged user to execute arbitrary commands on the system due to improper…
CVE-2025-36146 — CVSS 4.3 (medium): IBM Lakehouse (watsonx.data 2.2) could allow an authenticated user to obtain sensitive server component version information which could aid…
CVE-2025-36183 — CVSS 3.8 (low): IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a privileged user to upload malicious files that could be executed server to…
CVE-2025-36144 — CVSS 3.3 (low): IBM Lakehouse (watsonx.data 2.2) stores potentially sensitive information in log files that could be read by a local user.