CVE-2025-36186 | IBM DB2/DB2 Connect Server up to 12.1.3 Configuration unnecessary privileges

A vulnerability described as critical has been identified in IBM DB2 and DB2 Connect Server up to 12.1.3. This impacts an unknown function of the component Configuration Handler. The manipulation results in execution with unnecessary privileges.

This vulnerability is known as CVE-2025-36186. Attacking locally is a requirement. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More