IBM DB2 11.5/12.1 DoS via range-partitioned tables: CVE-2026-6053 May 2026

IBM® Db2® is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service when a specially crafted query is run with range partitioned tables.

Vulnerability Analysis

CVE-2026-6053 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

NONE

Availability Impact:

HIGH

Weakness Type

Allocation of Resources Without Limits or Throttling

The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

Products Associated with CVE-2026-6053

Want to know whenever a new CVE is published for IBM Db2? stack.watch will email you.

IBM DB2 11.5/12.1 DoS via range-partitioned tables
CVE-2026-6053 Published on May 27, 2026

Vulnerability Analysis

Weakness Type

Allocation of Resources Without Limits or Throttling

Products Associated with CVE-2026-6053

Affected Versions

IBM DB2 11.5/12.1 DoS via range-partitioned tablesCVE-2026-6053 Published on May 27, 2026

Vulnerability Analysis

Weakness Type

Allocation of Resources Without Limits or Throttling

Products Associated with CVE-2026-6053

Affected Versions

IBM DB2 11.5/12.1 DoS via range-partitioned tables
CVE-2026-6053 Published on May 27, 2026