CVE-2026-3856
MEDIUMIBM Db2 Recovery Expert Missing Integrity Check
Title source: cnaDescription
IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission.
Scores
CVSS v3
5.3
EPSS
0.0001
EPSS Percentile
0.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Details
CWE
CWE-353
Status
published
Products (2)
IBM/Db2 Recovery Expert
5.5 IF 2
ibm/db2_recovery_expert
5.5.0 interim_fix_002 (3 CPE variants)
Published
Mar 17, 2026
Tracked Since
Mar 18, 2026