CVE-2025-36247 | IBM DB2/DB2 Connect Server up to 11.5.9/12.1.3 xml external entity reference

A vulnerability marked as problematic has been reported in IBM DB2 and DB2 Connect Server up to 11.5.9/12.1.3. Impacted is an unknown function. Performing a manipulation results in xml external entity reference.

This vulnerability is cataloged as CVE-2025-36247. It is possible to initiate the attack remotely. There is no exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More