CVE-2026-28214

Summary

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the ClumpletReader::getClumpletSize() function can overflow the totalLength value when parsing a Wide type clumplet, causing an infinite loop. An authenticated user with INSERT privileges on any table can exploit this via a crafted Batch Parameter Block to cause a denial of service against the server. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.

Affected Software

VendorProductVersion RangeStatus
FirebirdSQLfirebird>= 3.0.0, < 3.0.14affected
FirebirdSQLfirebird>= 4.0.0, < 4.0.7affected
FirebirdSQLfirebird>= 5.0.0, < 5.0.4affected

Weaknesses

  • CWE-190: CWE-190: Integer Overflow or Wraparound
  • CWE-835: CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References