10 matches found
GO-2026-5106 CloudNativePG's metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE in github.com/cloudnative-pg/cloudnative-pg
CloudNativePG's metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE in github.com/cloudnative-pg/cloudnative-pg...
CVE-2026-44477
A flaw was found in CloudNativePG's metrics exporter. The issue arises because the metrics exporter connected to PostgreSQL using a highly privileged account and did not properly restrict privileges during monitoring operations. A low-privileged database user could exploit this behavior through...
CVE-2026-44477
CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...
CVE-2026-44477 CloudNativePG: Metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE
CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...
EUVD-2026-32930
CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...
CVE-2026-44477 CloudNativePG: Metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE
CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...
CVE-2026-44477
CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...
Privilege Escalation
CloudNativePG is vulnerable to Privilege Escalation. The vulnerability is due to the metrics exporter establishing PostgreSQL sessions as the postgres superuser and relying on SET ROLE for privilege reduction, which allows an attacker to restore superuser privileges using RESET ROLE and execute...
GHSA-423P-G724-FR39 CloudNativePG's metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE
Impact The CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE pgmonitor. SET ROLE changes only currentuser; sessionuser remains postgres. That residual superuser identity is the foothold fo...
PT-2026-39753
Name of the Vulnerable Software and Affected Versions CloudNativePG versions prior to 1.28.3 CloudNativePG versions prior to 1.29.1 Description The metrics exporter in CloudNativePG opens a PostgreSQL connection as the postgres superuser via the pod-local Unix socket and subsequently demotes the...