Ibm Db2 Recovery Expert — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Db2 Recovery Expert, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2025-27900 — CVSS 6.8 (medium): IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 could allow a remote attacker to conduct phishing attacks, using an open redirect…
CVE-2025-27901 — CVSS 6.5 (medium): IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to HTTP header…
CVE-2025-27904 — CVSS 6.5 (medium): IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to cross-site request…
CVE-2025-27898 — CVSS 6.3 (medium): IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 does not invalidate session after a timeout which could allow an authenticated user to…
CVE-2025-27903 — CVSS 5.9 (medium): IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows transmits data in a cleartext…
CVE-2026-3856 — CVSS 5.3 (medium): IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism…
CVE-2025-27899 — CVSS 5.3 (medium): IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 discloses sensitive information in an environment variable that could aid in further…
CVE-2013-4024 — CVSS 4.3 (medium): IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before…
CVE-2013-4022 — CVSS 3.5 (low): IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before…
CVE-2013-4025 — CVSS 1.9 (low): IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before…