CVE-2026-11906
MEDIUM
NVD
CVSS Score
6.5
Severity
MEDIUM
Published
Jun 30, 2026
Vendor
unknown
Description
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of XMLTable-derived columns.