IBM Watsonx.data Lakehouse: Malicious File Upload Risk

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

2.7

IBM Watsonx.data Lakehouse: Malicious File Upload Risk

CVE-2025-36183

Summary

A privileged user can upload malicious files to IBM Watsonx.data Lakehouse, which could allow them to modify certain files or data on the server. This could potentially lead to unauthorized changes or data tampering. IBM recommends users update to the latest version of the software to mitigate this risk.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
ibm	watsonx.data	> 2.2.0 , <= 2.2.2	–

Original title

IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a privileged user to upload malicious files that could be executed server to modify limited files or data.

Original description

IBM watsonx.data 2.2 through 2.2.1 IBM Lakehouse could allow a privileged user to upload malicious files that could be executed server to modify limited files or data.

nvd CVSS3.1 2.7

Vulnerability type

CWE-434 Unrestricted File Upload

https://www.ibm.com/support/pages/node/7260118 Vendor Advisory

Published: 17 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026