CVE-2026-27890 - Vulnerability Analysis
HighCVSS: 8.2Last Updated: April 17, 2026
Firebird - Denial of Service
Overview
Firebird < 5.0.4, 4.0.7, and 3.0.14 contain a denial of service caused by improper handling of out-of-order CNCT_specific_data segments during authentication, letting unauthenticated attackers crash the server remotely.
Severity & Score
Impact
Unauthenticated attackers can crash the server remotely, causing denial of service.
Mitigation
Update to versions 5.0.4, 4.0.7, or 3.0.14 or later.
References
Social Media Activity(2 posts)
š CVE-2026-27890 - High (8.2) Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when processing CNCT_specific_data segments during authentication, the server assumes segments arrive in strictly ascending order. If s... š https://www.thehackerwire.com/vulnerability/CVE-2026-27890/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š CVE-2026-27890 - High (8.2) Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when processing CNCT_specific_data segments during authentication, the server assumes segments arrive in strictly ascending order. If s... š https://www.thehackerwire.com/vulnerability/CVE-2026-27890/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-27890
- Severity
- High
- CVSS Score
- 8.2
- Type
- denial_of_service
- Status
- new
- EPSS
- 0.0%
- Social Posts
- 2
CWE
- CWE-119
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H