[SECURITY] Fedora 43 Update: pgbouncer-1.25.2-1.fc43

pgbouncer is a lightweight connection pooler for PostgreSQL and uses libevent for low-level socket handling...

Fedora 43 : pgbouncer (2026-fad57ac86d)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fad57ac86d advisory. Update to 1.25.2. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

CVE-2026-6665 affecting package pgbouncer for versions less than 1.25.2-1

CVE-2026-6665 affecting package pgbouncer for versions less than 1.25.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-6667 affecting package pgbouncer for versions less than 1.25.2-1

CVE-2026-6667 affecting package pgbouncer for versions less than 1.25.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-42560 auth: Patreon provider assigns the same local user ID to every authenticated Patreon account, enabling cross‑user impersonation

auth provides authentication via oauth2, direct and email. From versions 1.18.0 to before 1.25.2 and 2.0.0 to before 2.1.2, the Patreon OAuth provider maps every authenticated Patreon account to the same local user.ID, instead of deriving a unique ID from the Patreon account returned by Patreon. ...

CVE-2026-42560

auth provides authentication via oauth2, direct and email. From versions 1.18.0 to before 1.25.2 and 2.0.0 to before 2.1.2, the Patreon OAuth provider maps every authenticated Patreon account to the same local user.ID, instead of deriving a unique ID from the Patreon account returned by Patreon. ...

CVE-2026-6667

PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILLCLIENT admin command. All users with access to the administration console which itself requires authorization could run this command. It would have been correct to allow only users listed in the adminusers...

CVE-2026-6666

CVE-2026-6666 concerns PgBouncer prior to 1.25.2, where a null pointer reference could cause a crash if a server response is missing an SQLSTATE field. The BIT-OSV entry reiterates the same description; no exploit details or in-the-wild status are provided. The available connected documents do no...

EUVD-2026-28876

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

PgBouncer 安全漏洞

PgBouncer is an open-source, lightweight connection pool for PostgreSQL developed by the PgBouncer community. Prior to version 1.25.2, PgBouncer had a security vulnerability. This vulnerability stemmed from insufficient authorization checks for the KILLCLIENT management command. As long as users...

Linux Distros Unpatched Vulnerability : CVE-2026-6667

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILLCLIENT admin command. All users with access to the administration console...

Linux Distros Unpatched Vulnerability : CVE-2026-6665

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SCRAM code in PgBouncer before 1.25.2 did not check the return value of strlcat correctly when building the contents of the SCRAM client-final-message. A...

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication in the mapUser process. An attacker can gain unauthorized access to other users' accounts and access sensitive information by exploiting the improper assignment of a constant user ID to all authenticated accounts...

CVE-2026-32885 DDEV has ZipSlip path traversal in tar and zip archive extraction

DDEV is an open-source tool for running local web development environments for PHP and Node.js. Versions prior to 1.25.2 have unsanitized extraction in both Untar and Unzip functions in pkg/archive/archive.go. Downloads and extracts archives from remote sources without path validation. Version...

PT-2026-34524

DDEV is an open-source tool for running local web development environments for PHP and Node.js. Versions prior to 1.25.2 have unsanitized extraction in both Untar and Unzip functions in pkg/archive/archive.go. Downloads and extracts archives from remote sources without path validation. Version...

ddev 路径遍历漏洞

ddev is an open-source local PHP and Node.js development environment tool developed by DDEV. Versions of ddev prior to 1.25.2 contained a path traversal vulnerability. This vulnerability stemmed from the Untar and Unzip functions not verifying paths properly, which could lead to path traversal wh...

EUVD-2026-20962

oma is a package manager for AOSC OS. Prior to 1.25.2, oma-topics is responsible for fetching metadata for testing repositories topics named "Topic Manifests" mirror/debs/manifest/topics.json from remote repository servers, registering them as APT source entries. However, the name field in said...

CVE-2026-39958 oma-topic: name Field in Topic Manifests (topic.json) May Allow CRLF Injection

oma is a package manager for AOSC OS. Prior to 1.25.2, oma-topics is responsible for fetching metadata for testing repositories topics named "Topic Manifests" mirror/debs/manifest/topics.json from remote repository servers, registering them as APT source entries. However, the name field in said...

oma 注入漏洞

Oma is an AOSC-Dev open-source package manager for AOSC OS. Versions of Oma prior to 1.25.2 had a injection vulnerability. This vulnerability stemmed from Oma-topics not checking the transliterated value of the name field in metadata, which could allow malicious APT source entries to be added to...

PT-2026-31657

oma is a package manager for AOSC OS. Prior to 1.25.2, oma-topics is responsible for fetching metadata for testing repositories topics named "Topic Manifests" mirror/debs/manifest/topics.json from remote repository servers, registering them as APT source entries. However, the name field in said...