CVE-2025-27900

Name of the Vulnerable Software and Affected Versions IBM DB2 Recovery Expert for LUW version 5.5 Interim Fix 002

Description The software contains a flaw that could enable a remote attacker to carry out phishing attacks through an open redirect. A crafted website can be used to exploit this issue, potentially spoofing the displayed URL and redirecting a user to a malicious website that appears trustworthy. This could allow an attacker to obtain sensitive information or launch further attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.