PT-2026-34574 · Ibm · Ibm Security Verify Directory

Published

2026-04-22

Updated

2026-05-13

CVE-2025-36074

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IBM Security Verify Directory (Container) versions 10.0.0 through 10.0.0.3

Description IBM Security Verify Directory is susceptible to malicious file upload due to a failure to validate file types. This allows a privileged user to upload harmful files into the system, which can then be sent to victims to facilitate further attacks against the system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2025-36074

Affected Products

Ibm Security Verify Directory

PT-2026-34574 · Ibm · Ibm Security Verify Directory

CVE-2025-36074

Weakness Enumeration

Related Identifiers

Affected Products

References · 4