CRITICAL🇬🇧 English

CVE-2026-10109

CVSS 9.8v3.1pub. 2026-06-30upd. 2026-07-02

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • IBM Db2

    APP
    Ibm
    11.5.0 – 11.5.912.1.0 – 12.1.4
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2026-1718HIGH7.1ten sam produkt

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a specially...

CVE-2025-36247HIGH7.1ten sam produkt

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12....

CVE-2025-36184HIGH7.2ten sam produkt

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 could allow an instance owne...

CVE-2025-36384HIGH8.4ten sam produkt

IBM Db2 for Windows 12.1.0 - 12.1.3 could allow a local user with filesystem access to escalate their privile...

CVE-2025-36186HIGH7.4ten sam produkt

IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) under specific configu...