PT-2026-20253

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to obtain sensitive information under specific HADR configuration...

PT-2026-20234

Name of the Vulnerable Software and Affected Versions IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 Description IBM DB2 Recovery Expert for Linux, UNIX and Windows is susceptible to HTTP header injection due to insufficient input validation of the HOST headers. This flaw potentially enables...

PT-2026-20231

Name of the Vulnerable Software and Affected Versions IBM DB2 Recovery Expert for LUW version 5.5 Interim Fix 002 Description The software does not invalidate sessions after a timeout. This could allow an authenticated user to impersonate another user on the system. Recommendations At the moment,...

IBM DB2 Merge Backup 安全漏洞

IBM DB2 Merge Backup is a database-assisted backup tool developed by IBM. Version 12.1.0.0 of IBM DB2 Merge Backup contains a security vulnerability. This vulnerability stems from buffer overflows allocated at the stack level, which could allow authenticated users to cause the program to crash...

PT-2026-20233

Name of the Vulnerable Software and Affected Versions IBM DB2 Recovery Expert for LUW version 5.5 Interim Fix 002 Description The software contains a flaw that could enable a remote attacker to carry out phishing attacks through an open redirect. A crafted website can be used to exploit this issu...

PT-2026-20227

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.3 Description An authenticated user may be able to cause a denial of service due to improper neutralization of special elements in data query logic. Recommendations...

Security Bulletin: Multiple security vulnerabilities have been identified in IBM Db2 shipped with IBM Guardium Key Lifecycle Manager (SKLM/GKLM)

Summary IBM Db2 is shipped as a component of IBM Guardium Key Lifecycle Manager SKLM/GKLM. Information about multiple security vulnerabilities affecting IBM Db2 has been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

IBM DB2 DoS (7259963) (Unix)

According to its self-reported version number, IBM Db2 is affected by a denial of service vulnerability: - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data quer...

IBM Db2 Denial of Service Vulnerability (CNVD-2026-14669)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a denial of service vulnerability that originates from a possible trap when...

IBM Db2 Big SQL on Cloud Pak for Data Resource Management Error Vulnerability

IBM Db2 Big SQL on Cloud Pak for Data is a massively parallel processing SQL engine from International Business Machines IBM. A resource management error vulnerability exists in IBM Db2 Big SQL on Cloud Pak for Data, which stems from not properly limiting system resource allocation and can be...

IBM Db2 Denial of Service Vulnerability (CNVD-2026-14674)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a denial of service vulnerability that originates from improper neutralization of...

IBM Db2 Denial of Service Vulnerability (CNVD-2026-14676)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a denial of service vulnerability that originates from improper neutralization of...

IBM Db2 Denial of Service Vulnerability (CNVD-2026-14667)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...

IBM Db2 Denial of Service Vulnerability (CNVD-2026-14668)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...

IBM Db2 Resource Management Error Vulnerability (CNVD-2026-13789)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a Resource Management Error vulnerability that originates from a misallocation of...

IBM Db2 Denial of Service Vulnerability (CNVD-2026-14675)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a denial of service vulnerability that originates from improper neutralization of...

IBM Db2 Denial of Service Vulnerability (CNVD-2026-14666)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. A denial of service vulnerability exists in IBM Db2, which can be exploited by an attacker to cause a...

IBM Db2 Denial of Service Vulnerability (CNVD-2026-14673)

IBM Db2 is a relational database management system from International Business Machines IBM. The system's execution environments are mainly UNIX, Linux, IBMi, z/OS, and Windows server versions. IBM Db2 suffers from a denial of service vulnerability that originates from improper neutralization of...

Security Bulletin: Fixes to common vulnerabilities found in IBM Db2 Merge Backup for Linux, UNIX and Windows

Summary Fixes to common vulnerabilities discovered in IBM Db2 Merge Backup for Linux, UNIX and Windows v12.1 are available to download from IBM. Vulnerability Details CVEID:CVE-2025-33130 DESCRIPTION: IBM Db2 Merge Backup for Linux, UNIX and Windows could allow an authenticated user to cause the...

Security Bulletin: IBM® Db2® is vulnerable to sensitive information disclosure under specific HADR configuration (CVE-2025-36425)

Summary IBM® Db2® could allow an authenticated user to obtain sensitive information under specific HADR configuration. Vulnerability Details CVEID:CVE-2025-36425 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to obtain sensitive...