PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-1577 IBM CVE debrief

CVE-2026-1577 is a medium-severity denial-of-service vulnerability in IBM Db2 for Linux, UNIX, and Windows, including Db2 Connect Server. An authenticated user could disrupt service by submitting data that Db2's query logic does not properly neutralize. The affected version ranges in the CVE data are 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4. The issue was publicly disclosed on 2026-04-30 and the NVD record was last modified on 2026-05-10.

Vendor: IBM
Product: IBM Db2 for Linux, UNIX, and Windows (including Db2 Connect Server)
CVSS: MEDIUM 6.5 (v3.1)
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-04-30
Original CVE updated: 2026-05-10
Advisory published: 2026-04-30
Advisory updated: 2026-05-10

Who should care

Db2 administrators, platform owners, and application teams operating IBM Db2 on Linux, UNIX, or Windows should review this advisory, especially where authenticated users can submit queries or data that reaches Db2 query logic.

Technical summary

The NVD record describes an authenticated denial-of-service condition caused by improper neutralization of special elements in data query logic. The CVSS v3.1 vector is AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H: reachable over the network, low attack complexity, low privileges required (any account that can authenticate to the database, with no elevated authority), no user interaction, scope unchanged, and high availability impact with no confidentiality or integrity impact. NVD maps the weakness to CWE-1284 (Improper Validation of Specified Quantity in Input) and CWE-20 (Improper Input Validation), input-validation classes rather than the injection class the description wording might suggest. Affected Db2 versions are 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4 across Linux, UNIX, and Windows.

Defensive priority

High for environments that allow authenticated access to Db2 and rely on continuous database availability. The impact is availability-focused rather than confidentiality or integrity, but service disruption can still be operationally significant.

Recommended defensive actions

  • Check whether any IBM Db2 deployments fall within the affected version ranges: 11.5.0 through 11.5.9 or 12.1.0 through 12.1.4.
  • Review the IBM PSIRT advisory referenced by the CVE for remediation guidance and apply vendor-provided updates or mitigations as directed.
  • Prioritize upgrades or fixes on internet-facing, multi-tenant, or broadly accessible Db2 instances where authenticated users can submit queries.
  • Limit unnecessary authenticated access to Db2 and apply least-privilege account controls for database users and service accounts. Because the vector requires only low privileges, also review whether CONNECT is still granted to PUBLIC (the default for databases not created with the RESTRICTIVE option) and revoke it where broad connectivity is not needed.
  • Monitor for abnormal query patterns, service interruptions, or repeated database process crashes that may indicate exploitation attempts.
  • Validate that backup, restart, and failover procedures are ready in case availability is affected before remediation can be completed.
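The first action above, finding deployments inside the affected ranges, is easy to get wrong with string comparison of version numbers. The following Python is an added example (not from the PatchSiren page, NVD, or IBM) that parses the version token printed by the db2level command and compares it numerically against the inclusive ranges quoted on this page. The sample db2level outputs are constructed; their build identifiers are made up, and the 12.1.5.0 level in the second sample is a hypothetical later level, not a statement of where IBM shipped the fix.

```python
"""Screen Db2 build levels against the version ranges NVD lists for CVE-2026-1577.

Added example, not taken from the PatchSiren page, NVD, or IBM. It reads the
'Informational tokens are "DB2 vX.Y.Z.W", ...' line that db2level prints and
compares the version with the inclusive ranges quoted on the page. The sample
outputs below are constructed; the build tokens are not real IBM builds.
"""
import re
import subprocess
from typing import Optional

# Inclusive ranges from the NVD record: 11.5.0-11.5.9 and 12.1.0-12.1.4.
AFFECTED_RANGES = [((11, 5, 0), (11, 5, 9)), ((12, 1, 0), (12, 1, 4))]

# db2level prints the level as a quoted "DB2 vVV.RR.MM.FF" token.
TOKEN_RE = re.compile(r'"DB2 v(\d+)\.(\d+)\.(\d+)(?:\.(\d+))?"')

# Constructed db2level outputs (shape only; build identifiers are made up).
SAMPLE_AFFECTED = (
    'DB21085I  This instance or install (instance name, where applicable: '
    '"db2inst1") uses "64" bits and DB2 code release "SQL11059" with level '
    'identifier "0A0C0107".\n'
    'Informational tokens are "DB2 v11.5.9.0", "s2310270807", '
    '"DYN2310270807AMD64", and Fix Pack "0".\n'
    'Product is installed at "/opt/ibm/db2/V11.5".\n'
)
SAMPLE_LATER = (  # hypothetical level above the quoted range
    'Informational tokens are "DB2 v12.1.5.0", "s2604010000", '
    '"DYN2604010000AMD64", and Fix Pack "0".\n'
)


def parse_db2level(output: str) -> tuple:
    """Return the version as an int tuple, e.g. (11, 5, 9, 0)."""
    m = TOKEN_RE.search(output)
    if not m:
        raise ValueError('no "DB2 vX.Y.Z" token found in db2level output')
    return tuple(int(part) for part in m.groups() if part is not None)


def affected_range(version: tuple) -> Optional[tuple]:
    """Return the (lo, hi) range containing version, or None if outside all.

    Tuples compare numerically, so 11.5.10 sorts above 11.5.9; a string
    comparison would wrongly place "11.5.10" below "11.5.9".
    """
    key = tuple(version[:3])
    for lo, hi in AFFECTED_RANGES:
        if lo <= key <= hi:
            return (lo, hi)
    return None


def assess(db2level_output: str) -> dict:
    """Summarise one db2level output against the CVE-2026-1577 ranges."""
    version = parse_db2level(db2level_output)
    rng = affected_range(version)
    fmt = lambda t: ".".join(str(p) for p in t)
    return {
        "version": fmt(version),
        "affected": rng is not None,
        "range": None if rng is None else fmt(rng[0]) + "-" + fmt(rng[1]),
    }


def assess_local_instance() -> Optional[dict]:
    """Run db2level on this host; needs the Db2 instance environment sourced."""
    try:
        proc = subprocess.run(["db2level"], capture_output=True, text=True, check=True)
    except (FileNotFoundError, subprocess.CalledProcessError):
        return None
    return assess(proc.stdout)


if __name__ == "__main__":
    for label, sample in (("constructed 11.5.9.0", SAMPLE_AFFECTED),
                          ("constructed 12.1.5.0", SAMPLE_LATER)):
        print(label, assess(sample))
    local = assess_local_instance()
    print("local instance:", local if local else "db2level not available here")
```

The check is version-level only: a fix delivered as a special build on top of a level inside the range would still show the same "DB2 vX.Y.Z.W" token, so treat "affected" as "review against the IBM PSIRT advisory", not as a final verdict. Run it as the instance owner (or after sourcing the instance's db2profile) so db2level is on the path.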

Evidence notes

Source corpus identifies IBM Db2 as the affected product family, with vulnerable CPE criteria for Linux, UNIX, and Windows. NVD lists version ranges 11.5.0-11.5.9 and 12.1.0-12.1.4, CVSS v3.1 6.5/Medium, and weaknesses CWE-1284 and CWE-20. The only vendor reference provided in the corpus is the IBM PSIRT advisory URL. No exploit details or patch-specific instructions were included in the supplied source text.

Official resources

Publicly disclosed in the CVE record on 2026-04-30; NVD metadata was last modified on 2026-05-10.