PT-2026-21682

Name of the Vulnerable Software and Affected Versions Apache Superset versions prior to 6.0.0 Description An issue exists in Apache Superset where an authenticated user with SQLLab access can bypass the read-only verification check when using a PostgreSQL database connection. The system does not...

Apache Superset 安全漏洞

Apache Superset is a modern big data exploration and visualization platform from the Apache Foundation that allows users to easily and quickly build dashboards using a simple no-code visualization builder and a state-of-the-art SQL editor. Apache Superset has an input validation vulnerability in...

PostgreSQL 14.x < 14.21 / 15.x < 15.16 / 16.x < 16.12 / 17.x < 17.8 / 18.x < 18.2 Multiple Vulnerabilities

The version of PostgreSQL installed on the remote host is 14 prior to 14.21, 15 prior to 15.16, 16 prior to 16.12, 17 prior to 17.8, or 18 prior to 18.2. As such, it is potentially affected by multiple vulnerabilities: - Missing validation of multibyte character length in PostgreSQL text...

SUSE: Security Advisory (SUSE-SU-2026:0584-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PostgreSQL Connection and Authorization Information

Article Applicability This article provides general information regarding PostgreSQL configuration and connectivity. The details are based on and tested exclusively with Windows-based PostgreSQL instances installed by Veeam products such as Veeam Backup & Replication, Veeam ONE, and Veeam Backup...

PostgreSQL 18.x < 18.2 Heap Buffer Overflow (CVE-2026-2007)

The version of PostgreSQL installed on the remote host is 18 prior to 18.2. As such, it is potentially affected by a vulnerability: - Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the...

SUSE: Security Advisory (SUSE-SU-2026:0586-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : postgresql18 (SUSE-SU-2026:0585-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0585-1 advisory. Update to version 18.2. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of serve...

SUSE SLES15 Security Update : postgresql18 (SUSE-SU-2026:0584-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0584-1 advisory. Update to version 18.2. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few...

SUSE SLES15 Security Update : postgresql17 (SUSE-SU-2026:0586-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0586-1 advisory. Update to version 17.8. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few...

MAL-2026-975 Malicious code in azure-postgresql-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bed0aaccd7198eac8f4076c1eec5f143ae28bdcfa8bbf990a62ff7c65411707 The package azure-postgresql-auth was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in azure-postgresql-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1bed0aaccd7198eac8f4076c1eec5f143ae28bdcfa8bbf990a62ff7c65411707 The package azure-postgresql-auth was found to contain malicious code. Source: ossf-package-analysis...

K000160103: PostgreSQL vulnerability CVE-2022-2625

Security Advisory Description A vulnerability was found in PostgreSQL. This attack requires permission to create non-temporary objects in at least one schema, the ability to lure or wait for an administrator to create or update an affected extension in that schema, and the ability to lure or wait...

OPENSUSE-SU-2026:20266-1 Security update for postgresql15

This update for postgresql15 fixes the following issues: Update to version 15.16. Security issues fixed: - CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivit...

OPENSUSE-SU-2026:20265-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Update to version 14.21. Security issues fixed: - CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivit...

SUSE-SU-2026:20587-1 Security update for postgresql14

This update for postgresql14 fixes the following issues: Update to version 14.21. Security issues fixed: - CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivit...

Security update for postgresql16

This update for postgresql16 fixes the following issues: Update to version 16.12. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...

Security update for postgresql17

This update for postgresql17 fixes the following issues: Update to version 17.8. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...

SUSE-SU-2026:0586-1 Security update for postgresql17

This update for postgresql17 fixes the following issues: Update to version 17.8. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclose a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to selectivity...

Security update for postgresql18

This update for postgresql18 fixes the following issues: Update to version 18.2. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclose a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to selectivity...