Denial of Service Vulnerability in IBM Db2 Products
CVE-2026-7771

5.5MEDIUM

Key Information:

Vendor

IBM

Status
Vendor
CVE Published:
17 July 2026

What is CVE-2026-7771?

IBM Db2 versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4 are susceptible to a Denial of Service attack due to inadequate processing of special crafted statements that include subqueries. This vulnerability may allow an attacker to disrupt service availability, potentially leading to significant downtime and operational impact. It is essential for users of affected Db2 versions to apply available patches to safeguard their systems.

Affected Version(s)

Db2 11.5.0 <= 11.5.9

Db2 12.1.0 <= 12.1.4

References

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.