PT-2026-36204

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.3 Description An authenticated user can cause a denial of service in IBM Db2 including Db2 Connect Server for Linux, UNIX, and Windows. This occurs due to improper...

IBM Db2 安全漏洞

IBM Db2 is a relational database management system developed by IBM. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.3 of IBM Db2 contain security vulnerabilities. These vulnerabilities stem from improper handling of special elements in the data query logic, which may cause denial-of-service attacks...

IBM DB2 Multiple DoS (7269433, 7269434, 7269424, 7267642) (Windows)

According to its self-reported version number, IBM Db2 is affected by multiple denial of service vulnerabilities: - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in...

IBM DB2 Federated Server DoS (7269435) (Windows)

According to its self-reported version number, IBM Db2 is affected by a denial of service vulnerability: - IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data...

CVE-2026-1352

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

IBM Db2 安全漏洞

IBM Db2 is a relational database management system developed by IBM Corporation. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.4 of IBM Db2 contain security vulnerabilities. These vulnerabilities stem from improper handling of special elements in the data query logic, which may cause...

CVE-2026-1352

This entry describes CVE-2026-1352 affecting IBM Db2 for Linux/UNIX/Windows (including Db2 Connect Server). Affected versions are Db2 11.5.0–11.5.9 and 12.1.0–12.1.4 (client and server). The issue allows an authenticated user to cause a Denial of Service due to improper neutralization of special ...

CVE-2026-1352

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

CVE-2026-1352 IBM® Db2® is vulnerable to a trap or return SQLCODE -901 when compiling a specially crafted query with a defined index

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic...

GHSA-5QCV-4RPC-JP93 vulnerabilities

Vulnerabilities for packages: logstash, debezium-connector-informix, druid, apache-nifi, debezium-connector-vitess, opensearch, strimzi-kafka-operator, thingsboard, debezium-connector-db2, debezium-connector-ibmi, debezium-connector-spanner, wildfly, debezium...

CVE-2026-35554 vulnerabilities

Vulnerabilities for packages: logstash, debezium-connector-informix, druid, apache-nifi, debezium-connector-vitess, opensearch, strimzi-kafka-operator, thingsboard, debezium-connector-db2, debezium-connector-ibmi, debezium-connector-spanner, wildfly, debezium...

Security Bulletin: IBM Data Server Driver for JDBC and SQLJ is affected by a vulnerability in org.lz4 1.8.0 (CVE-2025-12183)

Summary IBM Data Server Driver for JDBC and SQLJ is affected by a vulnerability in org.lz4 1.8.0 CVE-2025-12183 Vulnerability Details CVEID:CVE-2025-12183 DESCRIPTION: Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read...

Security Bulletin: IBM® Db2® is vulnerable to a denial of service with a specially crafted query involving multiple subqueries (CVE-2026-1577)

Summary IBM® Db2® is vulnerable to a denial of service with a specially crafted query involving multiple subqueries. Vulnerability Details CVEID:CVE-2026-1577 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of servic...

Security Bulletin: IBM® Db2® is vulnerable to a trap or return SQLCODE -901 when compiling a specially crafted query with a defined index (CVE-2026-1352)

Summary IBM® Db2® is vulnerable to a trap or return SQLCODE -901 when compiling a specially crafted query with a defined index. Vulnerability Details CVEID:CVE-2026-1352 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denia...

Security Bulletin: IBM® Db2® is affected by a vulnerability in netty-codec-http-4.1.127 (CVE-2025-67735)

Summary IBM® Db2® is affected by a vulnerability in netty-codec-http-4.1.127 CVE-2025-67735 Vulnerability Details CVEID:CVE-2025-67735 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.129.Final and 4.2.8.Final, the...

CVE-2026-3856

IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission...

EUVD-2026-12657

IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission...

CVE-2026-3856

IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission...

CVE-2026-3856

IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission...

CVE-2026-3856 IBM Db2 Recovery Expert Missing Integrity Check

IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission...