Important: postgresql16

Issue Overview: Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use searchpath to find user-defined types, including extension-defined types. That is to say, the victim will execute arbitrary SQL functions of the attacker's choice. Versions...

OPENSUSE-SU-2026:20901-1 Security update for postgresql18

This update for postgresql18 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...

SUSE SLES15 Security Update : postgresql14 (SUSE-SU-2026:2117-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2117-1 advisory. This update for postgresql14 fixes the following issues Update to version 14.23. Security issues: - CVE-2026-6472: ensure the user...

SUSE-SU-2026:2117-1 Security update for postgresql14

This update for postgresql14 fixes the following issues Update to version 14.23. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard again...

SUSE SLES12 Security Update : postgresql16 (SUSE-SU-2026:2084-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2084-1 advisory. This update for postgresql16 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema...

libecpg6-18.4-1.1 on GA media (moderate)

libecpg6-18.4-1.1 on GA media Announcement ID: openSUSE-SU-2026:10828-1 Rating: moderate Cross-References: CVE-2026-6472 CVE-2026-6473 CVE-2026-6474 CVE-2026-6475 CVE-2026-6476 CVE-2026-6477 CVE-2026-6478 CVE-2026-6479 CVE-2026-6575 CVE-2026-6637 CVE-2026-6638 CVSS scores: CVE-2026-6472 SUSE : 5....

Security update for postgresql14

This update for postgresql14 fixes the following issues Update to version 14.23. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

SUSE-SU-2026:2007-1 Security update for postgresql14

This update for postgresql14 fixes the following issues Update to version 14.23. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard again...

SUSE-SU-2026:2000-1 Security update for postgresql15

This update for postgresql15 fixes the following issues Update to version 15.18. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard again...

SUSE SLED15 / SLES15 Security Update : postgresql18 (SUSE-SU-2026:1944-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1944-1 advisory. This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: -...

SUSE SLES15 Security Update : postgresql16 (SUSE-SU-2026:1942-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1942-1 advisory. This update for postgresql16 fixes the following issues Update to version 16.13. Security issues: - CVE-2026-6472: ensure the user...

SUSE-SU-2026:1942-1 Security update for postgresql16

This update for postgresql16 fixes the following issues Update to version 16.13. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard again...

CVE-2026-6472

The CVE-2026-6472 entry concerns PostgreSQL: missing authorization in the CREATE TYPE path enables an object creator to hijack queries that rely on search_path to locate user-defined and extension-defined types. Affected versions include PostgreSQL 14.23, 15.18, 16.14, 17.10, and 18.4 prior relea...

Linux Distros Unpatched Vulnerability : CVE-2026-6472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use searchpath to find user-defined types, including...