CVE-2026-1577

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

CVE-2026-1577 IBM® Db2® is vulnerable to a denial of service with a specially crafted query involving multiple subqueries

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

CVE-2025-14688 IBM® Db2® is vulnerable to a denial of service when fetching from certain tables under specific configurations

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when certain configurations exist...

PT-2026-36204

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.3 Description An authenticated user can cause a denial of service in IBM Db2 including Db2 Connect Server for Linux, UNIX, and Windows. This occurs due to improper...

IBM DB2 Multiple DoS (7269433, 7269434, 7269424, 7267642) (Windows)

According to its self-reported version number, IBM Db2 is affected by multiple denial of service vulnerabilities: - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in...

IBM DB2 Federated Server DoS (7269435) (Windows)

According to its self-reported version number, IBM Db2 is affected by a denial of service vulnerability: - IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data...

CVE-2025-13867

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

CVE-2025-36425

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to obtain sensitive information under specific HADR configuration...

CVE-2025-2668

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 is vulnerable to a denial of service as the server may crash when an authenticated user creates a specially crafted query...

EUVD-2025-206554

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper allocation of resources...

CVE-2025-36427

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service due to insufficient validation of special elements in data query logic...

CVE-2025-36366

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service by executing a query that invokes the JSONObject scalar function, which may trigger an unhandled exception leading to abnormal server termination...

CVE-2025-36423

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic...

CVE-2025-36184

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 could allow an instance owner to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...

UBUNTU-CVE-2025-36428

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when the RPSCAN feature is enabled...

UBUNTU-CVE-2025-36366

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service by executing a query that invokes the JSONObject scalar function, which may trigger an unhandled exception leading to abnormal server termination...

CVE-2025-36070

CVE-2025-36070 affects IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0–11.5.9 and 12.1.0–12.1.3. A denial-of-service can occur when selecting from certain table types due to an allocation/overrun condition. IBM classifies CVSS as 3.1 base score 6.5 (AV:N/AC:L/PR:L/UI:N/S:...

CVE-2025-36098 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper allocation of resources...

CVE-2025-36387

CVE-2025-36387 affects IBM Db2 for Linux, UNIX and Windows (incl. DB2 Connect Server) versions 11.5.0–11.5.9 . An authenticated user can cause a denial of service by submitting a specially crafted query that uses QGM objects with specific subquery expressions. The IBM bulletin lists the CVSS base...

PT-2026-5457

Name of the Vulnerable Software and Affected Versions IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server versions 12.1.0 through 12.1.3 Description The software may allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic...