{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T17:10:13.872","vulnerabilities":[{"cve":{"id":"CVE-2025-36247","sourceIdentifier":"psirt@us.ibm.com","published":"2026-02-17T18:20:29.940","lastModified":"2026-02-18T19:23:13.760","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources."},{"lang":"es","value":"IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect servidor) 11.5.0 hasta 11.5.9 y 12.1.0 hasta 12.1.3 es vulnerable a un ataque de inyección de entidad externa XML (XXE) al procesar datos XML. Un atacante remoto podría explotar esta vulnerabilidad para exponer información sensible o consumir recursos de memoria."}],"metrics":{"cvssMetricV31":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":4.2}]},"weaknesses":[{"source":"psirt@us.ibm.com","type":"Primary","description":[{"lang":"en","value":"CWE-611"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:*:*:*:*:*:linux:*:*","versionStartIncluding":"11.5.0","versionEndIncluding":"11.5.9","matchCriteriaId":"ECAF5576-B4A5-4DB7-94F0-942F656F0461"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:*:*:*:*:*:unix:*:*","versionStartIncluding":"11.5.0","versionEndIncluding":"11.5.9","matchCriteriaId":"B1E165E8-F11B-4F13-B54A-90D29CA2ABF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:*:*:*:*:*:windows:*:*","versionStartIncluding":"11.5.0","versionEndIncluding":"11.5.9","matchCriteriaId":"727E2804-2D3D-4C31-A3E5-F99107D02A27"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:*:*:*:*:*:linux:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3","matchCriteriaId":"2AA1764B-CD82-4B33-B85B-27CA2F7C0ED5"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:*:*:*:*:*:unix:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3","matchCriteriaId":"8F63D92C-AC19-4FB0-A605-08DC01875E7B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:db2:*:*:*:*:*:windows:*:*","versionStartIncluding":"12.1.0","versionEndIncluding":"12.1.3","matchCriteriaId":"E28DCDF3-EF5B-47D6-BD38-C98334B67BE4"}]}]}],"references":[{"url":"https://www.ibm.com/support/pages/node/7259961","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]}]}}]}