
13270 matches found

OSV
added 2026/01/30 5:21 p.m. | 3 views

CLEANSTART-2026-HJ04971 vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT

Multiple security vulnerabilities affect the postgresql package. A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. See references for individual vulnerability details...

CVSS 9.8 | AI score 7.9 | EPSS 0.61566
Exploits: 3 | References: 69
OSV
added 2026/01/30 5:19 p.m. | 3 views

CLEANSTART-2026-FW42039 vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT

Multiple security vulnerabilities affect the postgresql package. A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. See references for individual vulnerability details...

CVSS 9.8 | AI score 5.8 | EPSS 0.61566
Exploits: 3 | References: 73
OSV
added 2026/01/30 5:4 p.m. | 3 views

CLEANSTART-2026-ZC18474 PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access

Multiple security vulnerabilities affect the postgresql package. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. See references for individual vulnerability details...

CVSS 9.8 | AI score 8.5 | EPSS 0.89472
Exploits: 12 | References: 21
OSV
added 2026/01/30 5:3 p.m. | 2 views

CLEANSTART-2026-KA40024 PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access

Multiple security vulnerabilities affect the postgresql package. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. See references for individual vulnerability details...

CVSS 9.8 | AI score 5.8 | EPSS 0.89472
Exploits: 12 | References: 19
OSV
added 2026/01/30 4:26 p.m. | 2 views

CLEANSTART-2026-AI42483 PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access

Multiple security vulnerabilities affect the postgresql package. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. See references for individual vulnerability details...

CVSS 9.8 | AI score 5.6 | EPSS 0.02555
Exploits: 1 | References: 11
OSV
added 2026/01/30 4:26 p.m. | 1 view

CLEANSTART-2026-DJ71086 PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access

Multiple security vulnerabilities affect the postgresql package. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. See references for individual vulnerability details...

CVSS 9.8 | AI score 5.6 | EPSS 0.02555
Exploits: 1 | References: 11
CVE
added 2026/01/30 12:0 a.m. | 13 views

CVE-2025-69662

CVE-2025-69662 is a SQL injection vulnerability in geopandas prior to v1.1.2. The issue arises when using the to_postgis() function to write GeoDataFrames to a PostgreSQL database, enabling an attacker to obtain sensitive information. The CVSS v3.1 score is 8.6 (HIGH) with network attack vector a...

CVSS 8.6 | AI score 5.9 | EPSS 0.00385
Exploits: 1 | References: 3 | Affected Software: 1
Vulnrichment
added 2026/01/30 12:0 a.m. | 3 views

CVE-2025-69662

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the to_postgis function being used to write GeoDataFrames to a PostgreSQL database...

AI score 5.9 | EPSS 0.00385
Exploits: 1 | References: 2
Cvelist
added 2026/01/30 12:0 a.m. | 27 views

CVE-2025-69662

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the to_postgis function being used to write GeoDataFrames to a PostgreSQL database...

EPSS 0.00385
Exploits: 1 | References: 2
ATTACKERKB
added 2026/01/30 12:0 a.m. | 5 views

CVE-2025-69662

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the to_postgis function being used to write GeoDataFrames to a PostgreSQL database...

CVSS 8.6 | AI score 5.9 | EPSS 0.00385
Exploits: 1 | References: 3
EUVD
added 2026/01/30 12:0 a.m. | 4 views

EUVD-2025-206572

SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the to_postgis function being used to write GeoDataFrames to a PostgreSQL database...

CVSS 8.6 | AI score 5.9 | EPSS 0.00385
Exploits: 1 | References: 2
Tenable Nessus
added 2026/01/30 12:0 a.m. | 5 views

AlmaLinux 9 : php:8.3 (ALSA-2026:1429)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1429 advisory. php: heap-based buffer overflow in array_merge CVE-2025-14178 php: PHP: Information disclosure via getimagesize function when reading multi-chunk images...

CVSS 8.2 | AI score 6.1 | EPSS 0.00573
Exploits: 4 | References: 5
CNNVD
added 2026/01/30 12:0 a.m. | 13 views

Geopandas security vulnerabilities

Geopandas is an open-source Python tool for processing geospatial data. Versions of geopandas prior to 1.1.2 contained a security vulnerability. This vulnerability stemmed from a flaw in the to_postgis function, which could allow attackers to access sensitive information when writing GeoDataFrames...

CVSS 8.6 | AI score 5.8 | EPSS 0.00385
Exploits: 1 | References: 2
OSV
added 2026/01/29 10:56 a.m. | 4 views

SUSE-SU-2026:20193-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: Security fixes: - CVE-2025-12817: Missing check for CREATE privileges on the schema in CREATE STATISTICS allowed table owners to create statistics in any schema, potentially leading to unexpected naming conflicts bsc1253332 - CVE-2025-12818...

CVSS 5.9 | AI score 6.2 | EPSS 0.00301
Exploits: 0 | References: 5
OSV
added 2026/01/29 10:55 a.m. | 3 views

OPENSUSE-SU-2026:20130-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: Security fixes: - CVE-2025-12817: Missing check for CREATE privileges on the schema in CREATE STATISTICS allowed table owners to create statistics in any schema, potentially leading to unexpected naming conflicts bsc1253332 - CVE-2025-12818...

CVSS 5.9 | AI score 6.2 | EPSS 0.00301
Exploits: 0 | References: 4
Redos
added 2026/01/29 12:0 a.m. | 4 views

ROS-20260129-73-0029

A vulnerability in the CREATE STATISTICS function of the PostgreSQL database management system is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 3.1 | AI score 5.9 | EPSS 0.00197
Exploits: 0
Redos
added 2026/01/29 12:0 a.m. | 6 views

ROS-20260129-73-0030

A vulnerability in the CREATE STATISTICS function of the PostgreSQL database management system is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 3.1 | AI score 5.9 | EPSS 0.00197
Exploits: 0
Redos
added 2026/01/29 12:0 a.m. | 4 views

ROS-20260129-73-0028

A vulnerability in the CREATE STATISTICS function of the PostgreSQL database management system is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 3.1 | AI score 5.9 | EPSS 0.00197
Exploits: 0
Redos
added 2026/01/29 12:0 a.m. | 4 views

ROS-20260129-73-0043

A vulnerability in the libpq library of the PostgreSQL database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 5.9 | AI score 6 | EPSS 0.00301
Exploits: 0
Redos
added 2026/01/29 12:0 a.m. | 5 views

ROS-20260129-73-0042

A vulnerability in the libpq library of the PostgreSQL database management system is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVSS 5.9 | AI score 6 | EPSS 0.00301
Exploits: 0