Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.5
IBM DB2 Merge Backup Crash via Stack Overflow
CVE-2025-33130
Summary
A security issue in IBM DB2 Merge Backup for Windows, Linux, and UNIX could allow an attacker to crash the program if they have valid login credentials. This could lead to a denial-of-service, making the database unavailable. IBM advises users to apply the latest updates to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| ibm | db2_merge_backup | 12.1.0.0 | – |
| ibm | db2_merge_backup | 12.1.0.0 | – |
| ibm | db2_merge_backup | 12.1.0.0 | – |
Original title
IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an authenticated user to cause the program to crash due to a buffer being overwritten when it is allocated on the stack.
Original description
IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an authenticated user to cause the program to crash due to a buffer being overwritten when it is allocated on the stack.
nvd CVSS3.1
6.5
Vulnerability type
CWE-120
Classic Buffer Overflow
- https://www.ibm.com/support/pages/node/7260043 Vendor Advisory
Published: 17 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026