CVE-2025-36074

MEDIUM 5.5

Security vulnerability has been detected in IBM Security Verify Directory

CVSS Score

5.5

EPSS Score

0.0%

EPSS Percentile

0th

IBM Security Verify Directory (Container) 10.0.0 through 10.0.0.3 IBM Security Verify Directory could be vulnerable to malicious file upload by not validating file type. A privileged user could upload malicious files into the system that can be sent to victims for performing further attacks against the system.

CWE	CWE-434
Vendor	ibm
Product	security verify directory (container)
Published	Apr 22, 2026

Stay Ahead of the Next One

Get instant alerts for ibm security verify directory (container)

Be the first to know when new medium vulnerabilities affecting ibm security verify directory (container) are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

Low

Affected Versions

IBM / Security Verify Directory (Container)

10.0.0 ≤ 10.0.0.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

ibm.com: https://www.ibm.com/support/pages/node/7268907