CVE-2026-1577

· NIST NVD ↗

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic.

MEDIUM
CVSS severity
6.5
CVSS base score
2026-04-30
Published

CWE codes

CWE-1284CWE-20

Affected products

ibm:db2

Sources