Severity by source
Primary rating, from Vendor (us): CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (6.5, Medium)
A network-reachable database query path that requires only low-privileged credentials (PR:L); the impact is availability loss alone, with no confidentiality or integrity exposure (C:N/I:N/A:H).
Description (CVE.org)
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of XMLTable-derived columns.
Analysis (AI-generated)
Denial of service in IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.4: an authenticated, low-privileged user can make the database server unavailable by submitting a crafted SQL query that exercises the improper neutralization of special elements in the logic that derives columns from XMLTable. The CVSS vector (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) encodes a remotely triggerable condition needing only minimal privileges, so the realistic exposure is an insider or a compromised application account with query access. …
Vulnerability Assessment (AI-generated)

| Aspect | Assessment |
| --- | --- |
| Exploitation | Exploitation requires a valid IBM Db2 database session with at least low-privileged authenticated access (enough to submit SQL queries), against an instance running Db2 11.5.0-11.5.9 or 12.1.0-12.1.4 on Linux, UNIX, or Windows. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 6.5 Medium score with vector AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H characterizes the real-world risk accurately: the attack is network-reachable and low-complexity, but it requires valid database credentials (PR:L), a meaningful barrier against unauthenticated opportunistic attacks. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker holding a valid low-privilege Db2 account connects to the instance over the network and executes a crafted SQL statement that invokes XMLTable with specially constructed derived-column expressions containing malformed special elements. The Db2 XML query engine fails to neutralize the input, triggering a fatal condition that crashes the database service or exhausts critical resources, denying service to all concurrent users and applications. … |
| Remediation | Consult IBM advisory 7277423 at https://www.ibm.com/support/pages/node/7277423 for the fix pack or iFix addressing CVE-2026-11906; exact patched version numbers were not independently confirmed from the reference data available, so the advisory is the authoritative source. … Detailed patch versions, workarounds, and compensating controls in full report. |
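The three checks below are an added SQL example, not from this page, from IBM, or from the advisory, and they deliberately contain no triggering input. They show (1) what an XMLTable query with derived columns looks like in ordinary use, so the affected code path is recognizable in application SQL; (2) how to read the instance's release and fix pack level to compare against the range named above; and (3) a package-cache hunt for statements that reference XMLTABLE. The table EMP and its XML column DOC in the first query are hypothetical; SYSIBMADM.ENV_INST_INFO and the MON_GET_PKG_CACHE_STMT table function are standard Db2 objects, but the exact columns available depend on your release, so treat the column list as an assumption to verify.

```sql
-- 1. Ordinary XMLTable use: the COLUMNS clause is where row values are
--    derived from the XML input (the "XMLTable-derived columns" of the
--    description). EMP and EMP.DOC are hypothetical names.
SELECT x.emp_id, x.emp_name
FROM emp,
     XMLTABLE('$d/employees/employee' PASSING emp.doc AS "d"
              COLUMNS emp_id   INTEGER     PATH '@id',
                      emp_name VARCHAR(64) PATH 'name') AS x;

-- 2. Is this instance in the affected range? Compare RELEASE_NUM,
--    SERVICE_LEVEL and FIXPACK_NUM against the level named in IBM
--    advisory 7277423 (the fixed level is not reproduced here).
SELECT inst_name, release_num, service_level, bld_level, fixpack_num
FROM sysibmadm.env_inst_info;

-- 3. Hunt: which cached statements reference XMLTABLE, and how heavily
--    have they run? Unexpected XMLTABLE use by application accounts is
--    worth attributing to an authorization ID via connection and
--    activity monitoring before the fix pack is applied.
SELECT num_executions,
       total_act_time,
       SUBSTR(stmt_text, 1, 200) AS stmt_head
FROM TABLE(mon_get_pkg_cache_stmt(NULL, NULL, NULL, -1)) AS t
WHERE UPPER(stmt_text) LIKE '%XMLTABLE%'
ORDER BY num_executions DESC;
```

Run (2) and (3) from an account with SYSMON or higher, since the monitoring table functions require monitor authority; the first query needs only SELECT on the hypothetical EMP table. Neither query is a workaround: the only remediation this page supports is the fix pack or iFix named in the IBM advisory.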
Related IBM Db2 vulnerabilities (same technique: denial of service; descriptions truncated as listed)
- Remote code execution in IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.4 lets unauthenticated network attackers run arbitrary co
- Db2 contains a vulnerability that allows a local user with filesystem access to escalate their privileges d
- IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 could allow an instance owner to execu
- Db2 versions up to 12.1.3 are affected by improper restriction of XML external entity reference (CVSS 7.1).
- IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific con
- IBM Db2 versions 11.5.0-11.5.9 and 12.1.0-12.1.4 expose sensitive information through internal monitoring and event tabl
- Db2 contains a vulnerability that allows an authenticated user to cause a denial of service due to improper
- IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could
- Db2 contains a vulnerability that allows attackers to cause a denial of service due to insufficient validation of specia
- Db2 contains a vulnerability that allows attackers to cause a denial of service due to improper neutralization of specia
- IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a
- IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a user to cause a denial of service by exe
Aliases: EUVD-2026-40393, GHSA-v7fg-h2r7-7537