AI description
CVE-2025-36122 is a vulnerability impacting IBM Db2 versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 across Linux, UNIX, and Windows platforms. This flaw stems from an improper allocation of system resources (CWE-770) within the software. An authenticated user can exploit this vulnerability by submitting specially crafted SQL queries. This action can lead to a denial of service by exhausting system resources, thereby affecting the availability of the IBM Db2 service. The vulnerability does not compromise confidentiality or integrity, and there are currently no reports of active exploitation.
- Description
- IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service using a specially crafted SQL query due to improper allocation of system resources.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
- Products
- db2
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
- psirt@us.ibm.com
- CWE-770
- Hype score
- Not currently trending
CVE-2025-36122 Denial of Service in IBM Db2 11.5.0-11.5.9 and 12.1.0-12.1.3 via SQL Query https://t.co/j8e4yczKgR
@VulmonFeeds
1 May 2026
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨*CVE* CVE-2025-36122 IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial… https://t.co/Kk7cTPVIsf ----- Traducción: CVE-2025-36122 IBM… https://t.co/utmtNg
@infoflowcloud
30 Apr 2026
90 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-36122 IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial… https://t.co/US44i2gjA4
@CVEnew
30 Apr 2026
187 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:db2:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "ECAF5576-B4A5-4DB7-94F0-942F656F0461",
"versionEndIncluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:db2:*:*:*:*:*:unix:*:*",
"matchCriteriaId": "B1E165E8-F11B-4F13-B54A-90D29CA2ABF8",
"versionEndIncluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:db2:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "727E2804-2D3D-4C31-A3E5-F99107D02A27",
"versionEndIncluding": "11.5.9",
"versionStartIncluding": "11.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:db2:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "2AA1764B-CD82-4B33-B85B-27CA2F7C0ED5",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:db2:*:*:*:*:*:unix:*:*",
"matchCriteriaId": "8F63D92C-AC19-4FB0-A605-08DC01875E7B",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:db2:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "E28DCDF3-EF5B-47D6-BD38-C98334B67BE4",
"versionEndIncluding": "12.1.3",
"versionStartIncluding": "12.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]