Ibm Webmethods Integration — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Webmethods Integration, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2024-45076 — CVSS 9.9 (critical): IBM webMethods Integration 10.15 could allow an authenticated user to upload and execute arbitrary files which could be executed on the…
CVE-2025-36049 — CVSS 8.8 (high): IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external entity injection (XXE) attack when…
CVE-2024-45075 — CVSS 8.8 (high): IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their…
CVE-2025-36072 — CVSS 8.8 (high): IBM webMethods Integration 10.11 through 10.11_Core_Fix22, 10.15 through 10.15_Core_Fix22, and 11.1 through 11.1_Core_Fix6 IBM webMethods…
CVE-2025-36202 — CVSS 7.5 (high): IBM webMethods Integration 10.15 and 11.1 could allow an authenticated user with required execute Services to execute commands on the…
CVE-2025-36048 — CVSS 7.2 (high): IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their privileges when handling…
CVE-2024-45074 — CVSS 6.5 (medium): IBM webMethods Integration 10.15 could allow an authenticated user to traverse directories on the system. An attacker could send a…
CVE-2025-36037 — CVSS 5.4 (medium): IBM webMethods Integration 10.15 and 11.1 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to…