{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-1718/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.1,"id":"CVE-2026-1718"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Db2 (11.5.0 through 11.5.9)","Db2 (12.1.0 through 12.1.4)"],"_cs_severities":["medium"],"_cs_tags":["dos","cve-2026-1718","db2","denial of service"],"_cs_type":"advisory","_cs_vendors":["IBM"],"content_html":"\u003cp\u003eIBM Db2 is susceptible to a denial-of-service vulnerability, identified as CVE-2026-1718, affecting versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4. This vulnerability is triggered when a specially crafted query is executed while autonomous transactions are enabled within the Db2 environment. A successful exploit could lead to resource exhaustion, rendering the database service unavailable and disrupting applications relying on it. Defenders should implement mitigations to prevent malicious actors from exploiting this vulnerability and causing downtime.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker identifies a vulnerable IBM Db2 instance with autonomous transactions enabled.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious SQL query designed to exploit the vulnerability.\u003c/li\u003e\n\u003cli\u003eThe attacker authenticates to the Db2 instance with valid, but potentially low-privileged, credentials.\u003c/li\u003e\n\u003cli\u003eThe attacker executes the crafted SQL query.\u003c/li\u003e\n\u003cli\u003eThe malicious query triggers excessive resource allocation within the Db2 database engine.\u003c/li\u003e\n\u003cli\u003eThe excessive resource allocation leads to memory exhaustion or CPU overload.\u003c/li\u003e\n\u003cli\u003eDb2 becomes unresponsive, leading to a denial-of-service condition.\u003c/li\u003e\n\u003cli\u003eApplications relying on Db2 experience disruptions or failures due to database unavailability.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-1718 can result in a denial of service, causing IBM Db2 database instances to become unavailable. This can disrupt business operations that rely on the affected databases, potentially leading to data unavailability, application failures, and financial losses. The vulnerability impacts Db2 versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4, potentially affecting numerous organizations that utilize these versions.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the security patch or upgrade to a fixed version of IBM Db2 as recommended in the IBM advisory (\u003ca href=\"https://www.ibm.com/support/pages/node/7273555\"\u003ehttps://www.ibm.com/support/pages/node/7273555\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eMonitor Db2 database logs for suspicious SQL queries that may be indicative of exploitation attempts.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect Suspicious Db2 Queries Leading to Excessive Resource Allocation\u0026rdquo; to identify potential exploitation attempts based on query patterns.\u003c/li\u003e\n\u003cli\u003eReview and restrict access controls to the Db2 database to minimize the attack surface and prevent unauthorized query execution.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-27T14:19:07Z","date_published":"2026-05-27T14:19:07Z","id":"https://feed.craftedsignal.io/briefs/2026-05-db2-dos/","summary":"IBM Db2 versions 11.5.0 through 11.5.9 and 12.1.0 through 12.1.4 are vulnerable to a denial-of-service (DoS) attack via a specially crafted query when autonomous transactions are enabled, potentially leading to service disruption.","title":"IBM Db2 Vulnerable to Denial-of-Service via Crafted Query (CVE-2026-1718)","url":"https://feed.craftedsignal.io/briefs/2026-05-db2-dos/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-1718","version":"https://jsonfeed.org/version/1.1"}