top of page
perceptive_background_267k.jpg

Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields w…

Published:

16 april 2026 om 22:00:00

Alert date:

17 april 2026 om 20:03:43

Source:

nvd.nist.gov

Click to open the original link from this advisory

Database & Storage

CVE-2025-65104 affects Firebird open-source relational database management system. The vulnerability occurs in FB3 client library versions when communicating with FB4 or higher servers. Incorrect data length values are placed into XSQLDA fields during client-server communication. This results in an information disclosure vulnerability that could leak sensitive data. The issue is resolved by upgrading to FB4 client library or higher versions. The vulnerability has been assigned a high criticality rating.

Technical details

Mitigation steps:

Affected products:

Firebird

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2025-65104
https://github.com/FirebirdSQL/firebird/releases/tag/v4.0.0
https://github.com/FirebirdSQL/firebird/security/advisories/GHSA-mfpr-9886-xjhg

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page