๐Ÿ” CVE Alert

CVE-2026-15995

MEDIUM 5.4

IBM Cognos Analytics 12.1.3 general availability package contains a data integrity issue in the Agentic AI assistant that may cause incorrect report summaries or report-processing errors under concurrent use

CVSS Score
5.4
EPSS Score
0.0%
EPSS Percentile
0th

IBM Cognos Analytics 12.1.3 GA Version with build number through 12.1.3-2606251736 could allow an attacker to obtain incorrect report summary results or cause report-processing failures due to a race condition in the Agentic AI assistant's concurrent request-handling logic when multiple authenticated users submit report-related tasks simultaneously.

CWE CWE-362
Vendor ibm
Product cognos analytics
Published Jul 17, 2026
Stay Ahead of the Next One

Get instant alerts for ibm cognos analytics

Be the first to know when new medium vulnerabilities affecting ibm cognos analytics are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

Affected Versions

IBM / Cognos Analytics
12.1.3 GA Version with build number โ‰ค 12.1.3-2606251736

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
ibm.com: https://www.ibm.com/support/pages/node/7280311