CVE-2026-56282 Capgo - Information Disclosure via Unauthenticated /replication Endpoint

Capgo before 12.128.2 contains an information disclosure vulnerability in the unauthenticated /replication endpoint that exposes internal PostgreSQL replication telemetry including slot names and WAL LSN positions. Attackers can access this endpoint without authentication to retrieve sensitive...

EUVD-2026-30290

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

PT-2026-40927

Name of the Vulnerable Software and Affected Versions PostgreSQL versions 16.0 through 16.13 PostgreSQL versions 17.0 through 17.9 PostgreSQL versions 18.0 through 18.3 Description SQL injection in logical replication occurs when using the 'ALTER SUBSCRIPTION ... REFRESH PUBLICATION' command. Thi...

Linux news 29.09.00

Linux 2.2.18pre11 Alax Cox выпустил новую pre-версию следующего стабильного ядра Linux: 2.2.18pre11. Подробнее: http://linuxtoday.com/newsstory.php3?ltsn=2000-09-27-011-04-NW-KN MySQL 3.23.25 Вышла новая beta версия популярного SQL сервера MySQL - MySQL 3.23.25. Подробнее:...