RockyLinux 10 : postgresql18 (RLSA-2026:19009)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19009 advisory. postgresql: PostgreSQL pgtrgm heap buffer overflow writes pattern onto server memory CVE-2026-2007 postgresql: PostgreSQL oidvector discloses a few byt...

OESA-2026-2381 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

PostgreSQL 14.x < 14.23 / 15.x < 15.18 / 16.x < 16.14 / 17.x < 17.10 / 18.x < 18.4 Multiple Vulnerabilities

The version of PostgreSQL installed on the remote host is 14 prior to 14.23, 15 prior to 15.18, 16 prior to 16.14, 17 prior to 17.10, or 18 prior to 18.4. As such, it is potentially affected by multiple vulnerabilities: - Stack buffer overflow in PostgreSQL module refint allows an unprivileged...

RHEL 10 : postgresql16 (RHSA-2026:19010)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19010 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that...

[SECURITY] [DSA 6269-1] postgresql-15 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6269-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 14, 2026 https://www.debian.org/security/faq -...

PostgreSQL 安全漏洞

PostgreSQL is a set of free object-relational database management systems developed by the PostgreSQL organization. This system supports most SQL standards and offers many other features, such as foreign keys, triggers, views, etc. Vulnerabilities existed in versions prior to PostgreSQL 18.4,...

Debian dsa-6270 : libecpg-compat3 - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6270 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6270-1 [email protected] https://www.debian.org/securit...

Security Bulletin: Multiple vulnerabilities in PostgreSQL affect PowerVM VIOS

Summary Vulnerabilities in PostgreSQL could allow an attacker to cause a denial of service CVE-2025-4207, read sensitive data CVE-2025-8713, or inject arbitrary code CVE-2025-8714, CVE-2025-8715. PowerVM VIOS uses PostgreSQL as part of Shared Storage Pools SSP and for internal administration...

Tenable Security Center Multiple Vulnerabilities (TNS-2026-10)

According to its self-reported version, the Tenable Security Center running on the remote host is 6.5.0 through 6.8.0 and missing security patch SC-202604.1. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2026-10 advisory. - Missing validation of multibyte charact...

Security Bulletin: The Network Threat Analytics App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. Network Threat Analytics App for IBM QRadar SIEM has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2023-2454 DESCRIPTION:...

Alibaba Cloud Linux 3 : 0059: postgresql:13 (ALINUX3-SA-2026:0059)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0059 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-2004: Missing validation of type ...

MiracleLinux 8 : postgresql:15 (AXSA:2026-331:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-331:01 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

MiracleLinux 9 : postgresql:16 (AXSA:2026-326:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-326:01 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

MiracleLinux 8 : postgresql:12 (AXSA:2026-303:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-303:01 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

RHEL 9 : postgresql (RHSA-2026:4518)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4518 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL missing validation of...

RHEL 9 : postgresql (RHSA-2026:4475)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4475 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL missing validation of...

RHEL 8 : postgresql:12 (RHSA-2026:4506)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4506 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: PostgreSQL missing validation of...

RockyLinux 9 : postgresql:16 (RLSA-2026:4110)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:4110 advisory. postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code CVE-2026-2006 postgresql: PostgreSQL intarray missing...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : PostgreSQL vulnerabilities (USN-8072-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8072-1 advisory. Altan Birler discovered that PostgreSQL incorrectly validated oidvector types. An attacker could possibly use this issue to obtain a...

Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2026-1456)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1456 advisory. Improper validation of type oidvector in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of...