Platform: other
Component: firebird
Fixed in: 3.0.1, 4.0.1, 5.0.1
CVE-2026-35215 is a Denial of Service (DoS) vulnerability in Firebird, an open-source relational database management system. An attacker can trigger it by sending a specially crafted slice packet, which causes a division by zero and crashes the server. The vulnerability affects Firebird versions from 3.0.0 up to, but not including, 5.0.4 (the 4.0.x fix release 4.0.7 is likewise unaffected). It has been resolved in versions 3.0.14, 4.0.7, and 5.0.4.
Successful exploitation of CVE-2026-35215 allows an unauthenticated attacker to crash the Firebird database server. This results in a complete service disruption, potentially impacting all applications and services reliant on the database. The blast radius is limited to the affected server instance, but the impact can be significant if the database is critical to business operations. The vulnerability stems from insufficient validation of the length of a decoded SDL descriptor within the sdl_desc() function, making it susceptible to a crafted input that triggers the division by zero. While no direct data exfiltration is possible, the service outage can indirectly lead to data loss if transactions are interrupted.
CVE-2026-35215 was publicly disclosed on 2026-04-17. There is no indication of active exploitation at this time, and it is not currently listed on the CISA KEV catalog. Public proof-of-concept (PoC) code is not yet available, but the vulnerability's nature suggests that a PoC is likely to be developed given sufficient time. The EPSS score is likely to be assessed as medium, reflecting the relatively straightforward exploitation path and potential for disruption.
Exploit Status
EPSS: 0.06% (17th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation for CVE-2026-35215 is to upgrade to a patched version of Firebird. Affected versions are 3.0.0 and later up to, but not including, 5.0.4. Upgrade to 3.0.14, 4.0.7, or 5.0.4, whichever matches your branch. If immediate patching is not possible, consider network-level restrictions that limit which hosts can reach the Firebird server port, although this does not remove the vulnerability. Monitor Firebird logs for unusual activity or errors related to slice packets. A WAF is unlikely to mitigate this vulnerability directly, since the traffic is the Firebird wire protocol rather than HTTP, but it can be configured to detect and block suspicious traffic patterns. After upgrade, confirm the fix by attempting to send a crafted slice packet (if possible without causing instability) and verifying that the server does not crash.
Update to version 3.0.14, 4.0.7 or 5.0.4 of Firebird to mitigate the vulnerability. This update corrects an error that allows an attacker to send a malicious slice packet to cause the server to crash.
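A quick way to triage an inventory of Firebird servers against the version ranges given in this advisory is to compare each reported version with the fixed release for its branch. The following is an added example, not code from the advisory or the Firebird project; it assumes the three fixed releases named above (3.0.14, 4.0.7, 5.0.4) and that every earlier release in each of those branches, from 3.0.0 upward, is affected. The sample banner strings are constructed for illustration.

```python
"""Triage Firebird version strings against the CVE-2026-35215 fixed releases.

Added example (not from the advisory or the Firebird project). Assumption: a
version is affected when it belongs to one of the 3.0 / 4.0 / 5.0 branches and
is older than that branch's fixed release named in the advisory body.
"""
import re

# Fixed releases named in the advisory body, keyed by (major, minor) branch.
FIXED_BY_BRANCH = {
    (3, 0): (3, 0, 14),
    (4, 0): (4, 0, 7),
    (5, 0): (5, 0, 4),
}

# Firebird banners carry a four-part build number (e.g. 3.0.12.33787);
# only the first three components matter for the comparison below.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return the first x.y.z triple found in a version or banner string as ints."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(g) for g in m.groups())


def is_affected(version):
    """True if `version` is in an affected branch and below that branch's fix.

    Branches the advisory does not mention (e.g. 2.5.x) return False: they are
    out of this advisory's scope, not known-safe.
    """
    fixed = FIXED_BY_BRANCH.get(tuple(version[:2]))
    if fixed is None:
        return False
    return tuple(version) < fixed


def triage(banners):
    """Map each banner string to 'affected' / 'fixed' / 'out of scope'."""
    result = {}
    for banner in banners:
        v = parse_version(banner)
        if tuple(v[:2]) not in FIXED_BY_BRANCH:
            result[banner] = "out of scope"
        else:
            result[banner] = "affected" if is_affected(v) else "fixed"
    return result


if __name__ == "__main__":
    # Constructed sample banners in the style Firebird tools report.
    samples = [
        "LI-V3.0.12.33787 Firebird 3.0",
        "LI-V3.0.14.33800 Firebird 3.0",
        "WI-V4.0.5.3140 Firebird 4.0",
        "LI-V5.0.0.1306 Firebird 5.0",
        "WI-V2.5.9.27139 Firebird 2.5",
    ]
    for banner, status in triage(samples).items():
        print(f"{status:13} {banner}")
```

Feed `triage()` the version banners collected from your hosts (for example the output of `isql -z` or the server's own startup log line) and act on every entry reported as `affected`; `out of scope` entries should be checked against the vendor's own advisory rather than treated as safe.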
CVE-2026-35215 is a Denial of Service vulnerability in Firebird database servers, allowing an attacker to crash the server by sending a crafted slice packet.
You are affected if you are running Firebird versions from 3.0.0 up to, but not including, 5.0.4. Versions 3.0.14, 4.0.7, and 5.0.4 are not affected.
Upgrade to Firebird version 3.0.14, 4.0.7, or 5.0.4 to resolve the vulnerability.
There is currently no evidence of active exploitation, but the vulnerability's nature suggests a PoC may be developed.
Refer to the official Firebird documentation and security advisories on the Firebird website for the latest information.