CVE-2026-6472

Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use searchpath to find user-defined types, including extension-defined types. That is to say, the victim will execute arbitrary SQL functions of the attacker's choice. Versions before PostgreSQL...

libecpg6-18.4-1.1 on GA media (moderate)

libecpg6-18.4-1.1 on GA media Announcement ID: openSUSE-SU-2026:10828-1 Rating: moderate Cross-References: CVE-2026-6472 CVE-2026-6473 CVE-2026-6474 CVE-2026-6475 CVE-2026-6476 CVE-2026-6477 CVE-2026-6478 CVE-2026-6479 CVE-2026-6575 CVE-2026-6637 CVE-2026-6638 CVSS scores: CVE-2026-6472 SUSE : 5....

CVE-2026-6474

Externally-controlled format string in PostgreSQL timeofday function allows an attacker to retrieve portions of server memory, via crafted timezone zones. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected...

UBUNTU-CVE-2026-6476

SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

CVE-2026-6575

CVE-2026-6575: In PostgreSQL, the buffer over-read is triggered by the function pg_restore_attribute_stats() when it processes array inputs with unmatched lengths, allowing query planning to read past the end of an array. Affected are major version 18 and specific minor versions before 18.4; Post...

CVE-2026-6479 PostgreSQL SSL/GSS init causes denial of service, via uncontrolled recursion

Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AFUNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled, an attacker can do the same via access to a PostgreSQL TCP socket. Versions before PostgreSQL 18....

CVE-2026-6476 PostgreSQL pg_createsubscriber allows SQL injection via subscription name

SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...

CVE-2026-6474 PostgreSQL timeofday() can disclose portions of server memory

Externally-controlled format string in PostgreSQL timeofday function allows an attacker to retrieve portions of server memory, via crafted timezone zones. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected...

CVE-2026-6474

Externally-controlled format string in PostgreSQL timeofday function allows an attacker to retrieve portions of server memory, via crafted timezone zones. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected...

EUVD-2026-30281

Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user...

KLA91049 DoS vulnerability in PostgreSQL

Heap buffer overflow vulnerability was found in PostgreSQL. Malicious users can exploit this vulnerability to cause denial of service. Original advisories PostgreSQL pgrestoreattributestats accepts values that cause query planning to read past end of stats array Exploitation Related products...

PostgreSQL SQL注入漏洞

PostgreSQL is a set of free object-relational database management systems developed by the PostgreSQL organization. This system supports most SQL standards and offers many other features, such as foreign keys, triggers, views, etc. Versions of PostgreSQL prior to 18.4 and 17.10 contained an SQL...

DarkSword Malware

DarkSword is a sophisticated piece of malware--probably government designed--that targets iOS. Google Threat Intelligence Group GTIG has identified a new iOS full-chain exploit that leveraged multiple zero-day vulnerabilities to fully compromise devices. Based on toolmarks in recovered payloads, ...

Security Bulletin: IBM SPSS Modeler is vulnerabile to SSL private key exposure (CVE-2023-33842)

Summary An SSL private key exposure in IBM SPSS Modeler could allow a local user to decrypt and obtain sensitive information Vulnerability Details CVEID:CVE-2023-33842 DESCRIPTION: IBM SPSS Modeler on Windows requires the end user to have access to the server SSL key which could allow a local use...

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

A new exploit kit for Apple iOS devices designed to steal sensitive data from is being wielded by multiple threat actors since at least November 2025, according to reports from Google Threat Intelligence Group GTIG, iVerify, and Lookout. According to GTIG, multiple commercial surveillance vendors...

GitLab 16.8 < 18.5.0 (CVE-2026-1751)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A vulnerability has been discovered in GitLab CE/EE affecting all versions starting with 16.8 before 18.5.0 that could have allowed unauthorized edits to merge request approval rules under certain...

CVE-2026-0958 Interpretation Conflict in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated user to cause denial of service through memory or CPU exhaustion by bypassing JSON validation middleware limits...

CVE-2026-0958

Removed by vendor...

PT-2026-7525

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.4 through 18.6.5 GitLab CE/EE versions 18.7 through 18.7.3 GitLab CE/EE versions 18.8 through 18.8.3 Description An unauthenticated user could potentially cause a denial of service by exhausting memory or CPU resources...

CVE-2026-0958

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated user to cause denial of service through memory or CPU exhaustion by bypassing JSON validation middleware limits...