496 matches found
CVE-2026-2007
Heap buffer overflow in PostgreSQL pg_trgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...
CVE-2025-61732 vulnerabilities
Vulnerabilities for packages: confluent-cp-docker-utils, wolfictl, grafana-mimir, grype, terraform-provider-time, openbao, sftpgo-plugin-kms, velero-plugin-for-csi, dgraph, gomplate, yace, govulncheck, crossplane-provider-keycloak, multus-cni, spire-controller-manager, juicefs,...
CVE-2025-68121 vulnerabilities
Vulnerabilities for packages: flux-helm-controller-fips, http-echo, kubeflow-fips, cue, spqr, crossplane-function-auto-ready, fulcio-fips, sealed-secrets, tigera-operator-fips, azure-workload-identity-webhook, cortex, kubernetes-csi-node-driver-registrar-fips, local-static-provisioner-fips,...
CVE-2025-61732 vulnerabilities
Vulnerabilities for packages: flux-helm-controller-fips, http-echo, kubeflow-fips, cue, spqr, crossplane-function-auto-ready, fulcio-fips, sealed-secrets, tigera-operator-fips, azure-workload-identity-webhook, cortex, kubernetes-csi-node-driver-registrar-fips, local-static-provisioner-fips,...
CLEANSTART-2026-SV79070 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...
CLEANSTART-2026-RX06615 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...
CLEANSTART-2026-FJ56296 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...
CLEANSTART-2026-UY81473 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...
CLEANSTART-2026-BS24435 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...
CLEANSTART-2026-BV91860 Within HostnameError
Security vulnerability affects the cloudnative-pg package. Within HostnameError...
SUSE CVE-2026-24881
In GnuPG before 2.5.17, a crafted CMS S/MIME EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT --kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that...
Oracle Linux 9 : postgresql:16 (ELSA-2026-0493)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0493 advisory. pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3635 pg_repack 1.5.1-1 - Update to v1.5.1...
postgresql:15 security update
pgaudit 1.7.0-1 - Initial import for postgresql 15 module - Update to 1.7.0 - Support postgresql 15 - Related: 2128410 pg_repack 1.4.8-2 - Add new build dependencies to fix build with lz4 enabled - Related: RHEL-47350 1.4.8-1 - Update to version 1.4.8 - Postgresql 15 is supported - Related: 212841...
Oracle Linux 8 : postgresql:15 (ELSA-2026-0524)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0524 advisory. pgaudit pg_repack postgres-decoderbufs postgresql 15.15-1 - Update to 15.15 - Resolves: RHEL-128819 CVE-2025-12818 Tenable has extracted the preceding...
CVE-2025-68973
In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. For ExtendedLTS, 2.2.51 and later are fixed versions...
Linux Distros Unpatched Vulnerability : CVE-2025-68972
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text aft...
CVE-2021-47714
Hasura GraphQL 1.3.3 contains a local file read vulnerability that allows attackers to access system files through SQL injection in the query endpoint. Attackers can exploit the pg_read_file PostgreSQL function by crafting malicious SQL queries to read arbitrary files on the server...
SUSE CVE-2022-50675
In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored. Prior to commit 69e3b846d8a7 "arm64: mte: Sync tags for pages where PTE is untagged", mte_sync_tags was only called for pte_tagged entries those mapped with PROTMT...
GHSA-927W-VQ5C-8GC3 phppgadmin contains a SQL injection vulnerability
phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability in dataexport.php at line 118. The application directly executes user-supplied SQL queries from the $_REQUEST['query'] parameter without any sanitization or parameterization via $data->conn->Execute($_REQUEST['query']). An authenticated...
Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgrade to 14.19: CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). CVE-2025-8714: untrusted data inclusion in pg_dump lets superuser of origin server execute arbitrary code in...