IBM
Security Scorecard
Score
25F
Total CVEs
299
Patch Rate
6%
19 patched
Avg Response
-
days to patch
Critical Gaps
38
exploitable, no detection
Severity Breakdown
Critical1
High144
Medium117
Low31
Patch Status
Patched19 (6%)
Partial/Workaround3 (1%)
Unpatched277 (93%)
CVEs (302)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-36085 | IBM Concert SSRF Vulnerability | MEDIUM | 5.4 | - | Patched |
| CVE-2025-36083 | IBM Concert Software Vulnerability | MEDIUM | 6.2 | - | Patched |
| CVE-2025-36081 | IBM Concert Software Vulnerability | MEDIUM | 5.3 | - | Patched |
| CVE-2025-33132 | IBM DB2 High Performance Unload Vulnerability | MEDIUM | 6.5 | 52d | Unpatched |
| CVE-2025-33133 | IBM DB2 High Performance Unload Vulnerability | MEDIUM | 6.5 | 52d | Unpatched |
| CVE-2025-33131 | IBM DB2 High Performance Unload Vulnerability | MEDIUM | 6.5 | 52d | Unpatched |
| CVE-2025-33126 | IBM DB2 High Performance Unload Vulnerability | MEDIUM | 6.5 | 52d | Unpatched |
| CVE-2025-36007 | IBM QRadar SIEM Privilege Escalation | HIGH | 7.8 | 49d | Unpatched |
| CVE-2025-36138 | IBM QRadar SIEM Cross-Site Scripting Vulnerability | MEDIUM | 6.4 | 49d | Unpatched |
| CVE-2025-36121 | IBM OpenPages HTML Injection Vulnerability | MEDIUM | 5.4 | 53d | Unpatched |