24h | 7d | 30d

CVE-2026-2004

Overview

  • PostgreSQL
12 Feb 2026
Published
26 Feb 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.12%
KEV

Description

Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.

Statistics

  • 1 Post
Last activity: 13 hours ago

Bluesky

Profile picture fallback
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
Urgent: SUSE patch day for #PostgreSQL 18! 🛡️ Update 2026-0881-1 fixes 5 CVEs including HIGH-severity RCE flaws (CVE-2026-2004, CVE-2026-2005, CVE-2026-2006). Read more: 👉 tinyurl.com/uvp2en7r #openSUSE
  • 0
  • 0
  • 0
  • 13h ago

CVE-2026-2006

Overview

  • PostgreSQL
12 Feb 2026
Published
26 Feb 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.08%
KEV

Description

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.

Statistics

  • 1 Post
Last activity: 13 hours ago

Bluesky

Profile picture fallback
ferramentaslinux.bsky.social @ferramentaslinux.bsky.social
Urgent: SUSE patch day for #PostgreSQL 18! 🛡️ Update 2026-0881-1 fixes 5 CVEs including HIGH-severity RCE flaws (CVE-2026-2004, CVE-2026-2005, CVE-2026-2006). Read more: 👉 tinyurl.com/uvp2en7r #openSUSE
  • 0
  • 0
  • 0
  • 13h ago
Showing 71 to 72 of 72 CVEs