CVE-2026-29089

TimescaleDB (Postgres extension) contains a vulnerability in the upgrade path where PostgreSQL’s untrusted search_path can be abused. From versions 2.23.0–2.25.1 , if the search_path includes user-writable schemas, a malicious user could create functions shadowing builtin Postgres functions, caus...