JLSEC-2026-52

🗓️ 03 Apr 2026 13:27:15Reported by GoogleType

TOCTOU race in PostgreSQL dump allows arbitrary sql as the dump user by replacing a relation with a view or foreign table.

Reporter	Title	Published	Views	Family All 371
IBM Security Bulletins	Security Bulletin: Vulnerability in PostgreSQL affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.	11 Mar 202516:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling Connect:Direct Web Services is affected by PostgreSQL TOCTOU vulnerability	12 Nov 202405:42	–	ibm
IBM Security Bulletins	Security Bulletin: There are multiple vulnerabilities that can affect IBM Storage Scale System that are now included	22 Oct 202420:24	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities	26 Mar 202504:11	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities Affected for EDB	21 Jul 202513:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple security vulnerabilities	27 Feb 202509:34	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps	15 Apr 202503:03	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities Affected for EDB	21 Jul 202513:54	–	ibm
IBM Security Bulletins	Security Bulletin: The Network Threat Analytics App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	24 Mar 202618:22	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to various issues in postgresql	31 Oct 202518:37	–	ibm

Source	Link
postgresql	www.postgresql.org/support/security/CVE-2024-7348/
openwall	www.openwall.com/lists/oss-security/2024/08/11/1
security	www.security.netapp.com/advisory/ntap-20240822-0002/

03 Apr 2026 13:31Current

7High risk

Vulners AI Score7

CVSS 3.17.5 - 8.8

EPSS0.00764

SSVC