Denial of Service Vulnerability in IBM Db2 Products
CVE-2026-1718

7.1HIGH

Key Information:

Vendor: IBM
Status: Db2
Vendor: CVE Published:; 27 May 2026

What is CVE-2026-1718?

The vulnerability in IBM Db2 versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4 can be exploited through a specially crafted query when autonomous transactions are enabled, leading to potential disruption of service.

Affected Version(s)

Db2 11.5.0 <= 11.5.9

Db2 12.1.0 <= 12.1.4

References

https://www.ibm.com/support/pages/node/7273555

vendor-advisorypatch

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 27, 2026
Vulnerability Reserved
Jan 30, 2026

CVE-2026-1718 Data

JSON