Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

CVE-2026-6052— IBM® Db2® is vulnerable to running out of memory when executing certain queries with MDC tables

CVSS 6.5 · Medium

Possible ATT&CK Techniques 1AI

T1496 · Resource Hijacking

Affected Version Matrix 2

VendorProductVersion RangeStatus
IBMDb211.5.0≤ 11.5.9affected
12.1.0≤ 12.1.4affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-6052

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
IBM® Db2® is vulnerable to running out of memory when executing certain queries with MDC tables
Source: NVD (National Vulnerability Database)
Vulnerability Description
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to running out of memory when executing certain queries with MDC tables.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
IBMDb2 11.5.0 ~ 11.5.9 cpe:2.3:a:ibm:db2:11.5.0:*:*:*:*:*:*:*

II. Public POCs for CVE-2026-6052

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-6052

登录查看更多情报信息。

Other References for CVE-2026-6052 (1)

Same Patch Batch · IBM · 2026-05-27 · 29 CVEs total

CVE-2026-75249.8 CRITICALPath Traversal Vulnerability in File Processing Components Allows Unauthorized File System
CVE-2026-81759.8 CRITICALMultiple vulnerabilities in Aspera applications.
CVE-2026-50658.8 HIGHIBM Controller is affected by vulnerabilities
CVE-2026-81798.8 HIGHMultiple vulnerabilities in Aspera applications.
CVE-2026-73658.4 HIGHIBM Operations Analytics - Log Analysis is affected by Information disclosure due to defau
CVE-2026-36237.8 HIGHVulnerabilities exists in IBM Netezza Performance Server Replication Services
CVE-2026-33667.5 HIGHInfoSphere Optim Test Data Fabrication is affected by Arbitrary File Read
CVE-2026-81807.5 HIGHMultiple vulnerabilities in Aspera applications.
CVE-2024-564627.2 HIGHIBM QRadar SIEM is vulnerable to using components with known vulnerabilities
CVE-2026-17187.1 HIGHIBM® Db2® is vulnerable to a denial of service with a specially crafted query when running
CVE-2026-75287.1 HIGHUnauthenticated File Upload Vulnerability Allows Disk Space Exhaustion and Path Disclosure
CVE-2026-84056.5 MEDIUMIBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerabilit
CVE-2026-90356.5 MEDIUMMultiple vulnerabilities in Aspera applications.
CVE-2026-69386.5 MEDIUMIBM® Db2® is vulnerable to authorization bypass when uploading to a remote object storage
CVE-2026-69366.5 MEDIUMIBM i is Affected by a Denial of Service Vulnerability []
CVE-2026-36766.5 MEDIUMThere are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Man
CVE-2024-406845.9 MEDIUMIBM Operations Analytics - Log Analysis is affected by Weak Password Policy and Inadequate
CVE-2026-60535.5 MEDIUMIBM® Db2® is vulnerable to a denial of service when a specially crafted query is run with
CVE-2026-60515.5 MEDIUMIBM® Db2® is vulnerable to a denial of service when executing a specially crafted query wi
CVE-2026-55155.5 MEDIUMIBM App Connect Enterprise is vulnerable to a confidential disclosure

Showing top 20 of 29 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Db2
Same vendor: IBM

V. Comments for CVE-2026-6052

No comments yet

Leave a comment