Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-11906

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of XMLTable-derived columns.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 33.8%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2026-11906
  • Ibm » Db2 » Version: 11.5.0
    cpe:2.3:a:ibm:db2:11.5.0
  • Ibm » Db2 » Version: 11.5.5.0
    cpe:2.3:a:ibm:db2:11.5.5.0
  • Ibm » Db2 » Version: 11.5.6
    cpe:2.3:a:ibm:db2:11.5.6
  • Ibm » Db2 » Version: 11.5.8
    cpe:2.3:a:ibm:db2:11.5.8
  • Ibm » Db2 » Version: 11.5.9
    cpe:2.3:a:ibm:db2:11.5.9
  • Ibm » Db2 » Version: 12.1.0
    cpe:2.3:a:ibm:db2:12.1.0
  • Ibm » Db2 » Version: 12.1.1
    cpe:2.3:a:ibm:db2:12.1.1
  • Ibm » Db2 » Version: 12.1.2
    cpe:2.3:a:ibm:db2:12.1.2
  • Linux » Linux Kernel » Version: N/A
    cpe:2.3:o:linux:linux_kernel:-
  • Microsoft » Windows » Version: N/A
    cpe:2.3:o:microsoft:windows:-
  • Opengroup » Unix » Version: N/A
    cpe:2.3:o:opengroup:unix:-


Contact Us

Shodan ® - All rights reserved