Home

Description

IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a privileged user to upload malicious files that could be executed server to modify limited files or data.

PUBLISHED Reserved 2025-04-15 | Published 2026-02-17 | Updated 2026-02-18 | Assigner ibm




LOW: 3.8CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L

Problem types

CWE-434 Unrestricted Upload of File with Dangerous Type

Product status

2.2 (semver)
affected

References

www.ibm.com/support/pages/node/7260118 vendor-advisory patch

cve.org (CVE-2025-36183)

nvd.nist.gov (CVE-2025-36183)

Download JSON