CVE-2026-34232
CVE-2026-34232 is a high-severity vulnerability in Firebirdsql Firebird with a CVSS 3.x base score of 7.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-228.
Key facts
- Severity: High (CVSS 3.x base score 7.5)
- EPSS exploit prediction: 0% (37th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2026-23486
- Weakness: CWE-228
- Affected product: Firebirdsql Firebird
- Published:
- Last modified:
Description
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdr_status_vector() function does not handle the isc_arg_cstring type when decoding an op_response packet, causing a server crash when one is encountered in the status vector. An unauthenticated attacker can exploit this by sending a crafted op_response packet to the server. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.
Frequently asked questions
- What is CVE-2026-34232?
- Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdr_status_vector() function does not handle the isc_arg_cstring type when decoding an op_response packet, causing a server crash when one is encountered in the status vector. An unauthenticated attacker can exploit this by sending a crafted op_response packet to the server. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.
- How severe is CVE-2026-34232?
- CVE-2026-34232 has a CVSS 3.x base score of 7.5, rated high severity. It is exploitable over network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity none, and availability high.
- Is CVE-2026-34232 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (37th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2026-34232?
- CVE-2026-34232 affects Firebirdsql Firebird. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2026-34232?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- Does CVE-2026-34232 have an EU (EUVD) identifier?
- Yes. CVE-2026-34232 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2026-23486.
- When was CVE-2026-34232 published?
- CVE-2026-34232 was published on 2026-04-17 and last updated on 2026-06-17.
References
- https://github.com/FirebirdSQL/firebird/releases/tag/v3.0.14
- https://github.com/FirebirdSQL/firebird/releases/tag/v4.0.7
- https://github.com/FirebirdSQL/firebird/releases/tag/v5.0.4
- https://github.com/FirebirdSQL/firebird/security/advisories/GHSA-7jq3-6j3c-5cm2
Affected products (1)
- cpe:2.3:a:firebirdsql:firebird:*:*:*:*:*:*:*:*
More vulnerabilities in Firebirdsql Firebird
- CVE-2008-0467 — Critical (CVSS 10.0): Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to…
- CVE-2007-4992 — Critical (CVSS 10.0): Stack-based buffer overflow in the process_packet function in fbserver.exe in Firebird SQL 2.0.2 allows remote…
- CVE-2007-5246 — Critical (CVSS 10.0): Multiple stack-based buffer overflows in Firebird LI 2.0.0.12748 and 2.0.1.12855, and WI 2.0.0.12748 and 2.0.1.12855,…
- CVE-2007-5245 — Critical (CVSS 10.0): Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and 1.5.4.4910, and WI 1.5.3.4870 and 1.5.4.4910, allow…
- CVE-2007-3181 — Critical (CVSS 10.0): Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a…
- CVE-2001-0008 — Critical (CVSS 10.0): Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored…
All CVEs affecting Firebirdsql Firebird →
Other CWE-228 vulnerabilities
- CVE-2020-27847 — Critical (CVSS 9.8): A vulnerability exists in the SAML connector of the github.com/dexidp/dex library used to process SAML Signature…
- CVE-2026-20125 — High (CVSS 7.7): A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an…
- CVE-2026-42100 — High (CVSS 7.5): Improper Handling of Syntactically Invalid Structure in Sparx Pro Cloud Server allows Denial of Service (DoS) attack to…
- CVE-2025-0343 — High (CVSS 7.5): Swift ASN.1 can be caused to crash when parsing certain BER/DER constructions. This crash is caused by a confusion in…
- CVE-2024-21612 — High (CVSS 7.5): An Improper Handling of Syntactically Invalid Structure vulnerability in Object Flooding Protocol (OFP) service of…
- CVE-2021-38443 — Medium (CVSS 6.6): Eclipse CycloneDDS versions prior to 0.8.0 improperly handle invalid structures, which may allow an attacker to write…