CVE-2026-6051

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap...

CVE-2026-3676

IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private 8.1.4 IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of the Fenced...

CVE-2026-1718

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a specially crafted query when autonomous transactions are enabled...

CVE-2026-6938

IBM Db2 12.1.0–12.1.4 is vulnerable to an authorization bypass when uploading to a remote object storage path using a special query. The root cause is improper authorization (CWE-285). Affected products/versions: IBM Db2 Server 12.1.0–12.1.4 on Linux/Unix. Impact: authorization bypass potential d...

CVE-2026-6938 IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage path with a special query

IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...

EUVD-2026-32492

IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...

CVE-2026-6938 IBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage path with a special query

IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...

CVE-2026-6938

IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass when uploading to a remote object storage path with a special query...

CVE-2026-6053

IBM Db2 is affected by CVE-2026-6053: denial of service when a specially crafted query runs against range-partitioned tables. Affected: Db2 Server 11.5.0–11.5.9 and 12.1.0–12.1.4. CVSS v3.1 base score 5.5 (LOCAL attack, low complexity, high impact on availability). Root cause: CWE-770 (unbounded ...

CVE-2026-6053

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables...

CVE-2026-6051

CVE-2026-6051 affects IBM Db2 11.5.0–11.5.9 and 12.1.0–12.1.4. The vulnerability is a denial of service caused by executing a specially crafted query that consumes the statement heap. Impact is a high availability concern for affected Db2 client and server installations. IBM’s bulletin confirms a...

CVE-2026-6051 IBM® Db2® is vulnerable to a denial of service when executing a specially crafted query with a small statement heap

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap...

CVE-2026-6051

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap...

CVE-2026-6051 IBM® Db2® is vulnerable to a denial of service when executing a specially crafted query with a small statement heap

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap...

EUVD-2026-32488

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when executing a specially crafted query with a small statement heap...

CVE-2026-3676 There are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Management products.

IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private 8.1.4 IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of the Fenced...

CVE-2026-3676 There are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Management products.

IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private 8.1.4 IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of the Fenced...

CVE-2026-3676

CVE-2026-3676 : IBM Db2 components bundled with IBM Cloud APM (Base Private 8.1.4/Advanced Private 8.1.4) are vulnerable when used with Linux/UNIX/Windows DB2 builds (including DB2 Connect Server). The issue arises from improper neutralization of special elements in the data query logic within th...

CVE-2026-1718 IBM® Db2® is vulnerable to a denial of service with a specially crafted query when running an AUTONOMOUS procedure

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a specially crafted query when autonomous transactions are enabled...

CVE-2026-1718 IBM® Db2® is vulnerable to a denial of service with a specially crafted query when running an AUTONOMOUS procedure

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a specially crafted query when autonomous transactions are enabled...