{"api_version":"1","generated_at":"2026-07-17T22:48:02+00:00","cve":"CVE-2026-14501","urls":{"html":"https://cve.report/CVE-2026-14501","api":"https://cve.report/api/cve/CVE-2026-14501.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-14501","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-14501"},"summary":{"title":"Use of Potentially Dangerous Functionthat in IBM Db2 Genius Hub","description":"IBM Db2 Genius Hub 1.1, 1.1.1, 1.1.2 and IBM Agentics 1.0 could allow an attacker to execute arbitrary code or obtain sensitive information due to the use of dangerous functions without sufficient restrictions.","state":"PUBLISHED","assigner":"ibm","published_at":"2026-07-17 20:17:15","updated_at":"2026-07-17 20:17:15"},"problem_types":["CWE-676","CWE-676 CWE-676 Use of Potentially Dangerous Function"],"metrics":[{"version":"3.1","source":"psirt@us.ibm.com","type":"Primary","score":"4.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"4.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","version":"3.1"}}],"references":[{"url":"https://www.ibm.com/support/pages/node/7279901","name":"https://www.ibm.com/support/pages/node/7279901","refsource":"psirt@us.ibm.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-14501","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-14501","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"IBM","product":"Db2 Genius Hub","version":"affected 1.1, 1.1.1, 1.1.2","platforms":[]},{"source":"CNA","vendor":"IBM","product":"Agentics","version":"affected 1.0","platforms":[]}],"timeline":[],"solutions":[{"source":"CNA","title":"","value":"IBM strongly recommends addressing the vulnerability now.ProductVersion impactedRemediationIBM Db2 Genius Hub &amp; Agentics1.1, 1.1.1, 1.1.2Upgrade to: IBM Db2 Genius Hub 1.1.3https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&amp;product=ibm/Information+Management/IBM+Db2+Genius+Hub&amp;release=1.1.3.0&amp;platform=All&amp;function=all","time":"","lang":"en"}],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"cpes":["cpe:2.3:a:ibm:db2_genius_hub:1.1:*:*:*:*:*:*:*","cpe:2.3:a:ibm:db2_genius_hub:1.1.0:*:*:*:*:*:*:*"],"product":"Db2 Genius Hub","vendor":"IBM","versions":[{"status":"affected","version":"1.1, 1.1.1, 1.1.2"}]},{"cpes":["cpe:2.3:a:ibm:agentics:1.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:agentics:1.0.0:*:*:*:*:*:*:*"],"product":"Agentics","vendor":"IBM","versions":[{"status":"affected","version":"1.0"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>IBM Db2 Genius Hub 1.1, 1.1.1, 1.1.2 and IBM Agentics 1.0 could allow an attacker to execute arbitrary code or obtain sensitive information due to the use of dangerous functions without sufficient restrictions.</p>"}],"value":"IBM Db2 Genius Hub 1.1, 1.1.1, 1.1.2 and IBM Agentics 1.0 could allow an attacker to execute arbitrary code or obtain sensitive information due to the use of dangerous functions without sufficient restrictions."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-676","description":"CWE-676 Use of Potentially Dangerous Function","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-07-17T19:55:50.177Z","orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm"},"references":[{"tags":["vendor-advisory","patch"],"url":"https://www.ibm.com/support/pages/node/7279901"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<div><div><p>IBM strongly recommends addressing the vulnerability now.</p><div><table><tbody><tr><td><p>Product</p></td><td><p>Version impacted</p></td><td><p>Remediation</p></td></tr><tr><td><p>IBM Db2 Genius Hub &amp; Agentics</p></td><td><p>1.1, 1.1.1, 1.1.2</p></td><td><p>Upgrade to: IBM Db2 Genius Hub 1.1.3<br/><br/><a href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&amp;product=ibm/Information+Management/IBM+Db2+Genius+Hub&amp;release=1.1.3.0&amp;platform=All&amp;function=all\" rel=\"nofollow\">https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&amp;product=ibm/Information+Management/IBM+Db2+Genius+Hub&amp;release=1.1.3.0&amp;platform=All&amp;function=all</a></p></td></tr></tbody></table></div></div></div><div><div></div></div><p></p>"}],"value":"IBM strongly recommends addressing the vulnerability now.ProductVersion impactedRemediationIBM Db2 Genius Hub &amp; Agentics1.1, 1.1.1, 1.1.2Upgrade to: IBM Db2 Genius Hub 1.1.3https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EOther%20software&amp;product=ibm/Information+Management/IBM+Db2+Genius+Hub&amp;release=1.1.3.0&amp;platform=All&amp;function=all"}],"title":"Use of Potentially Dangerous Functionthat in IBM Db2 Genius Hub","x_generator":{"engine":"ibm-cvegen"}}},"cveMetadata":{"assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","assignerShortName":"ibm","cveId":"CVE-2026-14501","datePublished":"2026-07-17T19:55:50.177Z","dateReserved":"2026-07-02T18:00:48.051Z","dateUpdated":"2026-07-17T19:55:50.177Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-07-17 20:17:15","lastModifiedDate":"2026-07-17 20:17:15","problem_types":["CWE-676","CWE-676 CWE-676 Use of Potentially Dangerous Function"],"metrics":{"cvssMetricV31":[{"source":"psirt@us.ibm.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"14501","Ordinal":"1","Title":"Use of Potentially Dangerous Functionthat in IBM Db2 Genius Hub","CVE":"CVE-2026-14501","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"14501","Ordinal":"1","NoteData":"IBM Db2 Genius Hub 1.1, 1.1.1, 1.1.2 and IBM Agentics 1.0 could allow an attacker to execute arbitrary code or obtain sensitive information due to the use of dangerous functions without sufficient restrictions.","Type":"Description","Title":"Use of Potentially Dangerous Functionthat in IBM Db2 Genius Hub"}]}}}