IBM Db2 Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in IBM Db2 for Linux, UNIX, and Windows, including Db2 Connect Server, versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.2. The issue arises when selecting from certain types of tables, which may lead to a trap and cause a denial-of-service condition.

Impact

Exploitation of this vulnerability can lead to a denial-of-service condition, causing the application to become unresponsive or unavailable.

Remediation

Users can download a special build containing the interim fix for this issue from Fix Central. For Db2 version 11.5, the fix is available in Special Build #66394 or later for version 11.5.9. For Db2 version 12.1, the fix is available in Special Build #72296 or later for version 12.1.2, or in the latest version 12.1.3.

Added: Jan 30, 2026, 10:37 PM
Updated: Jan 30, 2026, 10:37 PM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 2.5
exploitability: 4.5
remediation: 7.7
relevance: 2.5
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.