VYPR
High severity8.8NVD Advisory· Published Jun 18, 2025· Updated Jun 17, 2026

CVE-2025-36049

CVE-2025-36049

Description

IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15

is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:softwareag:webmethods:10.5:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:softwareag:webmethods:10.5:*:*:*:*:*:*:*range: 10.5
    • (no CPE)range: 10.5, 10.7, 10.11, and 10.15

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.