Lucene search
K

10 matches found

OSV
OSV
added 2026/06/25 6:26 p.m.4 views

GO-2026-5106 CloudNativePG's metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE in github.com/cloudnative-pg/cloudnative-pg

CloudNativePG's metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE in github.com/cloudnative-pg/cloudnative-pg...

9.9CVSS5.8AI score0.0048EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/03 5:5 a.m.12 views

CVE-2026-44477

A flaw was found in CloudNativePG's metrics exporter. The issue arises because the metrics exporter connected to PostgreSQL using a highly privileged account and did not properly restrict privileges during monitoring operations. A low-privileged database user could exploit this behavior through...

9.9CVSS5.9AI score0.0048EPSS
Exploits0References5
NVD
NVD
added 2026/05/28 5:16 p.m.24 views

CVE-2026-44477

CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...

9.9CVSS0.0048EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/28 3:46 p.m.36 views

CVE-2026-44477 CloudNativePG: Metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE

CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...

9.4CVSS0.0048EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/28 3:46 p.m.11 views

EUVD-2026-32930

CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...

9.4CVSS5.9AI score0.0048EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/28 3:46 p.m.9 views

CVE-2026-44477 CloudNativePG: Metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE

CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...

9.4CVSS5.8AI score0.0048EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:46 p.m.13 views

CVE-2026-44477

CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...

9.4CVSS5.9AI score0.0048EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2026/05/16 5:27 a.m.6 views

Privilege Escalation

CloudNativePG is vulnerable to Privilege Escalation. The vulnerability is due to the metrics exporter establishing PostgreSQL sessions as the postgres superuser and relying on SET ROLE for privilege reduction, which allows an attacker to restore superuser privileges using RESET ROLE and execute...

9.9CVSS6AI score0.0048EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/05/11 3:59 p.m.4 views

GHSA-423P-G724-FR39 CloudNativePG's metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE

Impact The CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE pgmonitor. SET ROLE changes only currentuser; sessionuser remains postgres. That residual superuser identity is the foothold fo...

9.9CVSS6.1AI score0.0048EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.13 views

PT-2026-39753

Name of the Vulnerable Software and Affected Versions CloudNativePG versions prior to 1.28.3 CloudNativePG versions prior to 1.29.1 Description The metrics exporter in CloudNativePG opens a PostgreSQL connection as the postgres superuser via the pod-local Unix socket and subsequently demotes the...

9.9CVSS6.6AI score0.0048EPSS
Exploits0References13
Rows per page
Query Builder