postgresql: PostgreSQL oidvector discloses a few bytes of memory

A type validation flaw has been discovered in postgresql. Improper validation of the type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. It is possible that this may expose confidential information but it is unlikely...

postgresql: PostgreSQL oidvector discloses a few bytes of memory

A type validation flaw has been discovered in postgresql. Improper validation of the type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. It is possible that this may expose confidential information but it is unlikely...

USN-8072-1: PostgreSQL vulnerabilities

Altan Birler discovered that PostgreSQL incorrectly validated oidvector types. An attacker could possibly use this issue to obtain a few bytes of sensitive information. CVE-2026-2003 Daniel Firer discovered that PostgreSQL incorrectly validated input in the intarray extension. An attacker could...

USN-8072-1 postgresql-14, postgresql-16, postgresql-17 vulnerabilities

Altan Birler discovered that PostgreSQL incorrectly validated oidvector types. An attacker could possibly use this issue to obtain a few bytes of sensitive information. CVE-2026-2003 Daniel Firer discovered that PostgreSQL incorrectly validated input in the intarray extension. An attacker could...

TencentOS Server 4: postgresql (TSSA-2026:0125)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0125 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Security update for postgresql14

This update for postgresql14 fixes the following issues: Update to version 14.21. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...

SUSE-SU-2026:0615-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: Update to version 15.16. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivit...

SUSE-SU-2026:0614-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: Update to version 16.12. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivit...

SUSE SLES15 Security Update : postgresql16 (SUSE-SU-2026:0588-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0588-1 advisory. Update to version 16.12. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few...

SUSE-SU-2026:20588-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: Update to version 15.16. Security issues fixed: - CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivit...

SUSE-SU-2026:20587-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Update to version 14.21. Security issues fixed: - CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivit...

Security update for postgresql16

This update for postgresql16 fixes the following issues: Update to version 16.12. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...

SUSE-SU-2026:0588-1 Security update for postgresql16

This update for postgresql16 fixes the following issues: Update to version 16.12. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivit...

SUSE-SU-2026:0585-1 Security update for postgresql18

This update for postgresql18 fixes the following issues: Update to version 18.2. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivity...

Security update for postgresql18

This update for postgresql18 fixes the following issues: Update to version 18.2. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...

MGASA-2026-0041 Updated postgresql15 packages fix security vulnerabilities

PostgreSQL oidvector discloses a few bytes of memory. CVE-2026-2003 PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code. CVE-2026-2004 PostgreSQL pgcrypto heap buffer overflow executes arbitrary code. CVE-2026-2005 PostgreSQL missing validation...

Updated postgresql15 packages fix security vulnerabilities

PostgreSQL oidvector discloses a few bytes of memory. CVE-2026-2003 PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code. CVE-2026-2004 PostgreSQL pgcrypto heap buffer overflow executes arbitrary code. CVE-2026-2005 PostgreSQL missing validation...

BIT-POSTGRESQL-2026-2003 PostgreSQL oidvector discloses a few bytes of memory

Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8...

SUSE CVE-2026-2003

Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8...

FreeBSD : PostgreSQL -- Multiple vulnerabilities (e3afc190-0821-11f1-a857-6cc21735f730)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e3afc190-0821-11f1-a857-6cc21735f730 advisory. The PostgreSQL project reports: Improper validation of type oidvector in PostgreSQL allows a...