CVE-2026-34232

EUVD-2026-23486

17.04.2026, 20:16

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdr_status_vector() function does not handle the isc_arg_cstring type when decoding an op_response packet, causing a server crash when one is encountered in the status vector. An unauthenticated attacker can exploit this by sending a crafted op_response packet to the server. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 37%

Affected Products (NVD)

Vendor	Product	Version
firebirdsql	firebird	3.0.0 ≤ 𝑥 < 3.0.14
firebirdsql	firebird	4.0.0 ≤ 𝑥 < 4.0.7
firebirdsql	firebird	5.0.0 ≤ 𝑥 < 5.0.4

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

firebird3.0

bookworm	vulnerable
bullseye	vulnerable
bullseye (security)	vulnerable
forky	3.0.14.ds7-1 fixed
sid	3.0.14.ds7-1 fixed
trixie	vulnerable

firebird4.0

forky	4.0.7.3271.ds6-1 fixed
sid	4.0.7.3271.ds6-1 fixed
trixie	vulnerable
trixie (security)	vulnerable

Known Exploits!

https://github.com/FirebirdSQL/firebird/security/advisories/GHSA-7jq3-6j3c-5cm2

Common Weakness Enumeration

CWE-228 - Improper Handling of Syntactically Invalid Structure
The product does not handle or incorrectly handles input that is not syntactically well-formed with respect to the associated specification.

References

https://github.com/FirebirdSQL/firebird/releases/tag/v3.0.14

https://github.com/FirebirdSQL/firebird/releases/tag/v4.0.7

https://github.com/FirebirdSQL/firebird/releases/tag/v5.0.4

https://github.com/FirebirdSQL/firebird/security/advisories/GHSA-7jq3-6j3c-5cm2