FirebirdSQL — Vulnerabilities & Security Advisories (12)

Browse all 12 CVE security advisories affecting FirebirdSQL. AI-powered Chinese analysis, POCs, and references for each vulnerability.

FirebirdSQL serves as a relational database management system primarily used in enterprise applications requiring embedded or client-server database solutions. Historically, vulnerabilities have included remote code execution, SQL injection, and privilege escalation, often stemming from insufficient input validation and authentication flaws. While no major security incidents have been widely documented, the 12 recorded CVEs highlight potential risks in older versions. The database's open-source nature allows for community scrutiny, but deployments should prioritize timely patching and secure configuration to mitigate risks. Its lightweight architecture and cross-platform compatibility remain attractive, though security-conscious implementations must address historical vulnerability patterns.

Top products by FirebirdSQL: firebird
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-40342 | Firebird: Path Traversal + Arbitrary File Write Leads to Remote Code Execution | firebird | CWE-22 | 10.0 | Critical | 2026-04-17 |
| CVE-2026-35215 | Firebird: DoS via malicious slice descriptor in slice packet | firebird | CWE-369 | 7.5 | High | 2026-04-17 |
| CVE-2026-34232 | Firebird: DoS via `op_response` packet from client | firebird | CWE-228 | 7.5 | High | 2026-04-17 |
| CVE-2026-33337 | Firebird has a buffer overflow when parsing corrupted slice packets | firebird | CWE-120 | 7.5 | High | 2026-04-17 |
| CVE-2026-28224 | Firebird Null Pointer Dereference via CryptCallback causes DOS | firebird | CWE-476 | 8.2 | High | 2026-04-17 |
| CVE-2026-28214 | Firebird server hangs when using specific clumplet on batch creation | firebird | CWE-190 | 6.5 (AI) | Medium (AI) | 2026-04-17 |
| CVE-2026-27890 | Firebird has Pre-Auth DOS when Processing Out of Order CNCT_specific_data Segments | firebird | CWE-119 | 8.2 | High | 2026-04-17 |
| CVE-2026-28212 | Firebird has potential server crash via null pointer dereference when processing op_slice packet | firebird | CWE-476 | 7.5 | High | 2026-04-17 |
| CVE-2025-65104 | Firebird: Information leak vulnerability in firebird3 client when used with newer server | firebird | CWE-200 | 7.9 | High | 2026-04-17 |
| CVE-2025-24975 | Firebird Non-Authorized Access to Encrypted Database Using Execute Statement on External | firebird | CWE-754 | 7.1 | High | 2025-08-15 |
| CVE-2025-54989 | Firebird XDR Message Parsing NULL Pointer Dereference Denial-of-Service Vulnerability | firebird | CWE-476 | 5.3 | Medium | 2025-08-15 |
| CVE-2023-41038 | Server crash when using specific form of SET BIND statement | firebird | CWE-770 | 7.5 | High | 2024-03-20 |

This page lists every published CVE security advisory associated with FirebirdSQL. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.