CVE-2025-65104

HIGH SEVERITY

CVSS Score & Metrics

Base Score

7.9 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L                                    

Vulnerability Description

Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields when communicating with FB4 or higher servers, resulting in an information leak. This issue is fixed by upgrading to the FB4 client or higher.

Vulnerability Details

Published Date

April 17, 2026

Last Modified

April 17, 2026

CWE ID

CWE-200

Source

NVD

Vendor

FirebirdSQL

Product

firebird

External References

https://github.com/FirebirdSQL/firebird/releases/tag/v4.0.0
https://github.com/FirebirdSQL/firebird/security/advisories/GHSA-mfpr-9886-xjhg

CVE-2025-65104

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment