Medium severity6.5NVD Advisory· Published May 27, 2026· Updated Jun 2, 2026
CVE-2026-3676
CVE-2026-3676
Description
IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private 8.1.4 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in the data query logic of the Fenced environment.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:ibm:cloud_application_performance_managemen:8.1.4:*:*:*:advanced_private:*:*:*+ 1 more
- cpe:2.3:a:ibm:cloud_application_performance_managemen:8.1.4:*:*:*:advanced_private:*:*:*
- cpe:2.3:a:ibm:cloud_application_performance_managemen:8.1.4:*:*:*:base_private:*:*:*
- Range: =8.1.4
- Range: =8.1.4
Patches
Vulnerability mechanics
References
1- www.ibm.com/support/pages/node/7273649nvdVendor Advisory
News mentions
1- IBM's May 2026 Patch Dump: 25 CVEs Span Aspera, Db2, Langflow, and MoreVypr Intelligence · May 27, 2026