CVE-2025-36371

CWE-5983 documents3 sources

Severity

6.5MEDIUM

EPSS

0.1%

top 83.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM I

Timeline

PublishedNov 19

Description

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 are impacted by obtaining an information vulnerability in the database plan cache implementation. A user with access to the database plan cache could see information they do not have authority to view.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5ibm/i5 versions+4

▶NVDibm/i5 versions+4

🔴Vulnerability Details

CVEList

IBM i Information Disclosure↗2025-11-19

▶

GHSA

GHSA-jw5q-rcm6-45rp: IBM i 7↗2025-11-19

▶