What is CVE-2025-36006?

CVE-2025-36006 is a medium-severity vulnerability in Ibm Db2, classified under Improper Resource Shutdown or Release. CVSS score: 6.5/10. Published 2025-11-07.

How severe is CVE-2025-36006?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Ibm Db2

CVE-2025-36006

IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial due to the improper rel…

EPSS: 0.000 (13.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Affected products

Ibm Db2 — versions 10.5.0, 11.1.0, 11.5.0

Weakness classification (CWE)

CWE-404 — Improper Resource Shutdown or Release

References

www.ibm.com/support/pages/node/7250479 (vendor-advisory, patch)

Frequently asked questions

What is CVE-2025-36006?: CVE-2025-36006 is a medium-severity vulnerability in Ibm Db2, classified under Improper Resource Shutdown or Release. CVSS score: 6.5/10. Published 2025-11-07.
How severe is CVE-2025-36006?: Medium severity. CVSS v3 base score is 6.5 out of 10.