CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-36128

IBM MQ 9.1, 9.2, 9.3, 9.4 LTS and 9.3, 9.4 CD is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.6%

CVSS Severity

CVSS v3 Score 7.5

References

https://www.ibm.com/support/pages/node/7244480

Products affected by CVE-2025-36128

Ibm » Mq » Version: 9.1.0.0

cpe:2.3:a:ibm:mq:9.1.0.0
Ibm » Mq » Version: 9.2.0.0

cpe:2.3:a:ibm:mq:9.2.0.0
Ibm » Mq » Version: 9.3.0

cpe:2.3:a:ibm:mq:9.3.0
Ibm » Mq » Version: 9.3.0.0

cpe:2.3:a:ibm:mq:9.3.0.0
Ibm » Mq » Version: 9.4.0

cpe:2.3:a:ibm:mq:9.4.0
Ibm » Mq » Version: 9.4.0.0

cpe:2.3:a:ibm:mq:9.4.0.0
Ibm » Aix » Version: N/A

cpe:2.3:o:ibm:aix:-
Ibm » I » Version: N/A

cpe:2.3:o:ibm:i:-
Linux » Linux Kernel » Version: N/A

cpe:2.3:o:linux:linux_kernel:-
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-
Oracle » Solaris » Version: N/A

cpe:2.3:o:oracle:solaris:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-36128

Products

Pricing

Contact Us