CVE-2026-1577
EUVD-2026-2643930.04.2026, 22:16
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| ibm | db2 | 11.5.0 ≤ 𝑥 ≤ 11.5.9 |
| ibm | db2 | 11.5.0 ≤ 𝑥 ≤ 11.5.9 |
| ibm | db2 | 11.5.0 ≤ 𝑥 ≤ 11.5.9 |
| ibm | db2 | 12.1.0 ≤ 𝑥 ≤ 12.1.4 |
| ibm | db2 | 12.1.0 ≤ 𝑥 ≤ 12.1.4 |
| ibm | db2 | 12.1.0 ≤ 𝑥 ≤ 12.1.4 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-1284 - Improper Validation of Specified Quantity in InputThe product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties.
- CWE-20 - Improper Input ValidationThe product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.