VYPR

Cognos Transformer

by IBM

CVEs (2)

  • CVE-2025-36126MedMay 26, 2026
    risk 0.42cvss 6.4epss 0.00

    IBM Cognos Analytics 11.2.0, 12.0, and 12.1.0 and IBM Cognos Transformer 12.0, 11.2.4, and 12.1.0 is vulnerable to stored cross-site scripting (XSS) in Cognos Adminstration. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus…

  • CVE-2025-3633MedMay 27, 2026
    risk 0.35cvss 5.4epss 0.00

    IBM Cognos Analytics 11.2.0, 11.2.4, 12.0, and 12.1.0 and IBM Cognos Transformer 11.2.4, 12.0, and 12.1.0 are vulnerable to cross-site scripting (XSS). This vulnerability allows a remote attacker to inject arbitrary JavaScript code into the web user interface, which may alter…