IBM Watsonx Data
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in IBM Watsonx Data.
By the Year
In 2026 there have been 1 vulnerability in IBM Watsonx Data with an average score of 3.8 out of ten. Last year, in 2025 Watsonx Data had 5 security vulnerabilities published. Right now, Watsonx Data is on track to have less security vulnerabilities in 2026 than it did last year. Last year, the average CVE base score was greater by 1.06
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 3.80 |
| 2025 | 5 | 4.86 |
It may take a day or so for new Watsonx Data vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Watsonx Data Security Vulnerabilities
Upload of Malicious Files Enables Server Exec in IBM watsonx.data 2.2-2.2.1
CVE-2025-36183
3.8 - Low
- February 17, 2026
IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a privileged user to upload malicious files that could be executed server to modify limited files or data.
Unrestricted File Upload
IBM watsonx.data 2.2-2.2.1 DoS via Unbounded Resource Alloc. in Ingestion Pods
CVE-2025-36140
6.5 - Medium
- December 08, 2025
IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user to cause a denial of service through ingestion pods due to improper allocation of resources without limits.
Allocation of Resources Without Limits or Throttling
IBM Lakehouse (watsonx.data 2.2) logs sensitive data risk to local user
CVE-2025-36144
3.3 - Low
- September 27, 2025
IBM Lakehouse (watsonx.data 2.2) stores potentially sensitive information in log files that could be read by a local user.
Insertion of Sensitive Information into Log File
IBM Lakehouse (watsonx.data 2.2) Authenticated Info Disclosure: Server Vrsns
CVE-2025-36146
4.3 - Medium
- September 18, 2025
IBM Lakehouse (watsonx.data 2.2) could allow an authenticated user to obtain sensitive server component version information which could aid in further attacks against the system.
Exposure of Sensitive System Information to an Unauthorized Control Sphere
IBM Watsonx Data 2.2: Arbitrary Command Exec via Improper Input in Lakehouse
CVE-2025-36143
4.7 - Medium
- September 18, 2025
IBM Lakehouse (watsonx.data 2.2) could allow an authenticated privileged user to execute arbitrary commands on the system due to improper validation of user supplied input.
Shell injection
Stored XSS in IBM Lakehouse (watsonx.data 2.2) Web UI
CVE-2025-36139
5.5 - Medium
- September 18, 2025
IBM Lakehouse (watsonx.data 2.2) is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Watsonx Data or by IBM? Click the Watch button to subscribe.
