IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
References
| Link | Resource |
|---|---|
| https://www.ibm.com/support/pages/node/7259901 | Vendor Advisory Patch |
Configurations
Configuration 1 (hide)
|
History
26 Feb 2026, 18:14
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Ibm db2 Recovery Expert
Ibm |
|
| CPE | cpe:2.3:a:ibm:db2_recovery_expert:5.5.0:interim_fix_002:*:*:*:linux:*:* cpe:2.3:a:ibm:db2_recovery_expert:5.5.0:interim_fix_002:*:*:*:unix:*:* cpe:2.3:a:ibm:db2_recovery_expert:5.5.0:interim_fix_002:*:*:*:windows:*:* |
|
| References | () https://www.ibm.com/support/pages/node/7259901 - Vendor Advisory, Patch |
18 Feb 2026, 17:51
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
17 Feb 2026, 20:22
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-02-17 20:22
Updated : 2026-02-26 18:14
NVD link : CVE-2025-27904
Mitre link : CVE-2025-27904
CVE.ORG link : CVE-2025-27904
JSON object : View
Products Affected
ibm
- db2_recovery_expert
CWE
CWE-352
Cross-Site Request Forgery (CSRF)