Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13168 matches found

Tenable Nessus
Tenable Nessusadded 2026/02/13 12:0 a.m.3 views

Debian dsa-6133 : libecpg-compat3 - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6133 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6133-1 [email protected] https://www.debian.org/securit...

8.8CVSS6.1AI score0.00059EPSS
Exploits3References10
Photon
Photonadded 2026/02/13 12:0 a.m.5 views

Important Photon OS Security Update - PHSA-2026-5.0-0762

Updates of 'postgresql14', 'rubygem-faraday', 'postgresql15' packages of Photon OS have been released...

8.8CVSS5.2AI score0.00039EPSS
Exploits3
Tenable Nessus
Tenable Nessusadded 2026/02/13 12:0 a.m.8 views

Debian dsa-6132 : libecpg-compat3 - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6132 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6132-1 [email protected] https://www.debian.org/securit...

8.8CVSS6.1AI score0.00059EPSS
Exploits3References10
Tenable Nessus
Tenable Nessusadded 2026/02/13 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-2005

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions...

8.8CVSS6.5AI score0.00039EPSS
Exploits3References3
OPENSUSE Linux
OPENSUSE Linuxadded 2026/02/13 12:0 a.m.3 views

postgresql14-14.21-1.1 on GA media (moderate)

postgresql14-14.21-1.1 on GA media Announcement ID: openSUSE-SU-2026:10190-1 Rating: moderate Cross-References: CVE-2026-2003 CVE-2026-2004 CVE-2026-2005 CVE-2026-2006 Affected Products: openSUSE Tumbleweed An update that solves 4 vulnerabilities can now be installed. Description: These are all...

8.8CVSS5.5AI score0.00059EPSS
Exploits3
NVD
NVDadded 2026/02/12 8:16 p.m.6 views

CVE-2026-25949

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...

7.5CVSS0.00019EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/02/12 8:1 p.m.2 views

CVE-2026-25949 Traefik: TCP readTimeout bypass via STARTTLS on Postgres

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...

7.5CVSS5.6AI score0.00019EPSS
Exploits0References3
Debian
Debianadded 2026/02/12 7:47 p.m.8 views

[SECURITY] [DSA 6133-1] postgresql-17 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6133-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 12, 2026 https://www.debian.org/security/faq -...

8.8CVSS6AI score0.00059EPSS
Exploits3
Debian
Debianadded 2026/02/12 7:47 p.m.6 views

[SECURITY] [DSA 6132-1] postgresql-15 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6132-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 12, 2026 https://www.debian.org/security/faq -...

8.8CVSS6AI score0.00059EPSS
Exploits3
OSV
OSVadded 2026/02/12 2:16 p.m.4 views

AZL-77583 CVE-2026-2004 affecting package postgresql for versions less than 14.21-1

Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...

8.8CVSS6.1AI score0.00059EPSS
Exploits0References1
OSV
OSVadded 2026/02/12 2:16 p.m.2 views

AZL-77586 CVE-2026-2005 affecting package postgresql for versions less than 14.21-1

Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...

8.8CVSS6.4AI score0.00039EPSS
Exploits3References1
OSV
OSVadded 2026/02/12 2:16 p.m.2 views

AZL-77417 CVE-2026-2005 affecting package postgresql for versions less than 16.12-1

Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...

8.8CVSS6.4AI score0.00039EPSS
Exploits3References1
NVD
NVDadded 2026/02/12 2:16 p.m.6 views

CVE-2026-2005

Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...

8.8CVSS0.00039EPSS
Exploits3References1
OSV
OSVadded 2026/02/12 2:16 p.m.5 views

AZL-77426 CVE-2026-2006 affecting package postgresql for versions less than 16.12-1

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12,...

8.8CVSS6.3AI score0.00039EPSS
Exploits0References1
OSV
OSVadded 2026/02/12 2:16 p.m.1 views

AZL-77580 CVE-2026-2003 affecting package postgresql for versions less than 14.21-1

Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8...

4.3CVSS5.7AI score0.00023EPSS
Exploits0References1
OSV
OSVadded 2026/02/12 2:16 p.m.3 views

ALPINE-CVE-2026-2007

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

8.2CVSS5.8AI score0.00021EPSS
Exploits0References1
OSV
OSVadded 2026/02/12 2:16 p.m.1 views

AZL-77423 CVE-2026-2004 affecting package postgresql for versions less than 16.12-1

Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...

8.8CVSS6.1AI score0.00059EPSS
Exploits0References1
OSV
OSVadded 2026/02/12 2:16 p.m.4 views

ALPINE-CVE-2026-2003

Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8...

4.3CVSS5.6AI score0.00023EPSS
Exploits0References1
OSV
OSVadded 2026/02/12 2:16 p.m.3 views

ALPINE-CVE-2026-2004

Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...

8.8CVSS6.1AI score0.00059EPSS
Exploits0References1
OSV
OSVadded 2026/02/12 2:16 p.m.1 views

CVE-2026-2006

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12,...

8.8CVSS6.3AI score0.00039EPSS
Exploits0References1
Rows per page
Query Builder