Lucene search
+L

98 matches found

OSV
OSV
added 2026/06/16 11:5 p.m.2 views

SUSE-SU-2026:22149-1 Security update for postgresql17

This update for postgresql17 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References23
SUSE Linux
SUSE Linux
added 2026/06/08 3:27 p.m.9 views

Security update for postgresql17

This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

8.8CVSS5.9AI score0.00668EPSS
Exploits0References46
OSV
OSV
added 2026/06/08 1:54 p.m.12 views

JLSEC-2026-608

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

8.8CVSS6AI score0.0018EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/03 2:53 p.m.5 views

postgresql: PostgreSQL: Arbitrary SQL execution via SQL injection in logical replication

A flaw was found in PostgreSQL. This SQL injection vulnerability exists within the logical replication feature, specifically when using the ALTER SUBSCRIPTION ... REFRESH PUBLICATION command. A malicious subscriber table creator can exploit this flaw to execute arbitrary SQL commands with the...

8.8CVSS6.2AI score0.0018EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/05/26 11:31 p.m.5 views

postgresql: PostgreSQL: Arbitrary SQL execution via SQL injection in logical replication

A flaw was found in PostgreSQL. This SQL injection vulnerability exists within the logical replication feature, specifically when using the ALTER SUBSCRIPTION ... REFRESH PUBLICATION command. A malicious subscriber table creator can exploit this flaw to execute arbitrary SQL commands with the...

8.8CVSS6.2AI score0.0018EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2026/05/19 8:21 a.m.14 views

Security update for postgresql16

This update for postgresql16 fixes the following issues Update to version 16.13. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References40
SUSE CVE
SUSE CVE
added 2026/05/18 1:22 p.m.19 views

SUSE CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

3.7CVSS6.1AI score0.0018EPSS
Exploits0References14
SUSE Linux
SUSE Linux
added 2026/05/18 7:48 a.m.9 views

Security update for postgresql18

This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References48
SUSE Linux
SUSE Linux
added 2026/05/18 7:47 a.m.13 views

Security update for postgresql18

This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. CVE-2026-6474: Guard against...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References48
OSV
OSV
added 2026/05/18 7:47 a.m.5 views

SUSE-SU-2026:1944-1 Security update for postgresql18

This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard agains...

8.8CVSS6.1AI score0.00668EPSS
Exploits0References24
Snyk
Snyk
added 2026/05/14 3:22 p.m.10 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the REFRESH PUBLICATION process. An attacker can execute arbitrary SQL commands with the privileges of the publication-side credentials by crafting a malicious table name and triggering the process during logical...

8.8CVSS6.1AI score0.0018EPSS
Exploits0References2
NVD
NVD
added 2026/05/14 2:16 p.m.20 views

CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

8.8CVSS0.0018EPSS
Exploits0References1
OSV
OSV
added 2026/05/14 2:16 p.m.6 views

ALPINE-CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

8.8CVSS6.1AI score0.0018EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/14 2:16 p.m.10 views

CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

8.8CVSS6AI score0.0018EPSS
Exploits0References4
OSV
OSV
added 2026/05/14 2:16 p.m.11 views

UBUNTU-CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

8.8CVSS6.1AI score0.0018EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/14 1:0 p.m.9 views

CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

3.7CVSS6.1AI score0.0018EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/14 1:0 p.m.10 views

CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

8.8CVSS6.1AI score0.0018EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/05/14 1:0 p.m.15 views

CVE-2026-6638

SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...

8.8CVSS6.1AI score0.0018EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.13 views

PT-2026-40927

Name of the Vulnerable Software and Affected Versions PostgreSQL versions 16.0 through 16.13 PostgreSQL versions 17.0 through 17.9 PostgreSQL versions 18.0 through 18.3 Description SQL injection in logical replication occurs when using the 'ALTER SUBSCRIPTION ... REFRESH PUBLICATION' command. Thi...

8.8CVSS6.2AI score0.00668EPSS
Exploits0References66
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2026-6638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the...

8.8CVSS6.4AI score0.0018EPSS
Exploits0References3
Rows per page
Query Builder