CVE-2025-13995 MEDIUM

CVE-2025-13995: IBM QRadar SIEM Information Disclosure

Vendor Ibm
Product QRadar
Weakness CWE-1286
Published March 19, 2026
Last update March 20, 2026

CVSS base score

5.0/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

What the vulnerability does

01Description

IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 could allow an attacker with access to one tenant to access hostname data from another tenant's account.

Key dates

02Disclosure timeline

March 19, 2026 CVE published
March 20, 2026 Record updated