CVE-2026-1352

· NIST NVD ↗

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic.

MEDIUM
CVSS severity
6.5
CVSS base score
2026-04-23
Published

CWE codes

CWE-1284

Affected products

ibm:db2

Sources