Watsonxdata Intelligence IBM Watsonxdata Intelligence

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in IBM Watsonxdata Intelligence.

By the Year

In 2026 there have been 11 vulnerabilities in IBM Watsonxdata Intelligence with an average score of 5.4 out of ten.

Year Vulnerabilities Average Score
2026 11 5.38

It may take a day or so for new Watsonxdata Intelligence vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent IBM Watsonxdata Intelligence Security Vulnerabilities

IBM watsonx.data 5.3.1 & Pre 5.3.1 Cleartext MITM Vulnerability
CVE-2025-12530 5.9 - Medium - June 30, 2026

IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 through patch-1 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques.

Cleartext Transmission of Sensitive Information

IBM Watsonx.data 5.2.0-5.3.0 Throttle DoS via API
CVE-2025-36319 4.3 - Medium - June 30, 2026

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to cause a temporary denial using a specially crafted HTTP request due to improper allocation of resource throttling.

Allocation of Resources Without Limits or Throttling

IBM watsonx.data Stored XSS in 5.2.0-5.3.0
CVE-2025-36320 6.4 - Medium - June 30, 2026

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

XSS

IBM watsonx.data HTML Injection in 5.2.0-5.3.0
CVE-2025-36321 5.7 - Medium - June 30, 2026

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.

Basic XSS

IBM watsonx.data intelligence <5.3.0: CrossSite Scripting in Web UI
CVE-2025-36323 5.4 - Medium - June 30, 2026

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

XSS

IBM Watsonx.data SSRF v5.2.0-5.3.0 Authenticated Attack
CVE-2025-36324 4.3 - Medium - June 30, 2026

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 s vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.

SSRF

IBM watsonx.data 5.2-5.3 Auth Bypass via Client-side Enforcement
CVE-2025-36327 6.5 - Medium - June 30, 2026

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to bypass security controls and perform unauthorized actions due to client-side enforcement of sever-side security.

Client-Side Enforcement of Server-Side Security

IBM watsonx.data 5.2.05.3.0 Err Msg Leak
CVE-2025-36328 4.3 - Medium - June 30, 2026

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.  This information could be used in further attacks against the system.

Generation of Error Message Containing Sensitive Information

IBM WatsonX.data 5.2-5.3: Auth.Unauth Actions w/ Improper Workflow
CVE-2025-36333 4.3 - Medium - June 30, 2026

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could allow an authenticated user to perform unauthorized actions due to the improper enforcement of behavioral workflow.

Improper Enforcement of Behavioral Workflow

IBM watsonx.data MIse: Cleartext Transmission Enables MITM (pre-5.3.0)
CVE-2025-36336 5.9 - Medium - June 30, 2026

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques.

Cleartext Transmission of Sensitive Information

IBM Watsonx.data stores credentials in plaintext (5.2.0-5.3.1)
CVE-2025-36335 6.2 - Medium - April 30, 2026

IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.3.0, 5.3.1 stores user credentials in plain text which can be read by a local user.

Unprotected Storage of Credentials

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for IBM Watsonxdata Intelligence or by IBM? Click the Watch button to subscribe.

IBM
Vendor

subscribe