Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13195 matches found

OSV
OSVadded 2026/02/12 2:16 p.m.3 views

AZL-77580 CVE-2026-2003 affecting package postgresql for versions less than 14.21-1

Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8...

4.3CVSS5.7AI score0.00281EPSS
Exploits0References1
OSV
OSVadded 2026/02/12 2:16 p.m.2 views

CVE-2026-2007

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

8.2CVSS6AI score0.00335EPSS
Exploits0References1
OSV
OSVadded 2026/02/12 2:16 p.m.4 views

ALPINE-CVE-2026-2005

Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...

8.8CVSS6.4AI score0.00678EPSS
Exploits3References1
OSV
OSVadded 2026/02/12 2:16 p.m.2 views

AZL-77589 CVE-2026-2006 affecting package postgresql for versions less than 14.21-1

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12,...

8.8CVSS6.3AI score0.00659EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2026/02/12 2:16 p.m.4 views

CVE-2026-2007

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

8.2CVSS6AI score0.00335EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2026/02/12 2:16 p.m.3 views

CVE-2026-2004

Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...

8.8CVSS5.9AI score0.00497EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2026/02/12 2:16 p.m.5 views

CVE-2026-2006

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12,...

8.8CVSS6.2AI score0.00659EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2026/02/12 2:16 p.m.3 views

CVE-2026-2003

Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8...

4.3CVSS5.8AI score0.00281EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2026/02/12 2:16 p.m.4 views

CVE-2026-2005

Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...

8.8CVSS6.2AI score0.00678EPSS
Exploits3References4
OSV
OSVadded 2026/02/12 2:16 p.m.0 views

UBUNTU-CVE-2026-2004

Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...

8.8CVSS6.2AI score0.00497EPSS
Exploits0References5
OSV
OSVadded 2026/02/12 2:16 p.m.2 views

UBUNTU-CVE-2026-2006

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12,...

8.8CVSS6.3AI score0.00659EPSS
Exploits0References5
OSV
OSVadded 2026/02/12 2:16 p.m.1 views

UBUNTU-CVE-2026-2005

Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...

8.8CVSS6.4AI score0.00678EPSS
Exploits3References5
OSV
OSVadded 2026/02/12 2:16 p.m.2 views

UBUNTU-CVE-2026-2003

Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8...

4.3CVSS5.7AI score0.00281EPSS
Exploits0References5
OSV
OSVadded 2026/02/12 2:16 p.m.1 views

UBUNTU-CVE-2026-2007

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

8.2CVSS6AI score0.00335EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/02/12 1:0 p.m.3 views

CVE-2026-2007

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

8.2CVSS5.8AI score0.00335EPSS
Exploits0References2
CVE
CVEadded 2026/02/12 1:0 p.m.36 views

CVE-2026-2007

CVE-2026-2007 affects PostgreSQL 18.0 and 18.1 due to a heap buffer overflow in the pg_trgm component, where crafted input strings can write patterns into server memory. The attacker’s control over the byte patterns is limited, and the document notes unknown impacts, with a potential for privileg...

8.2CVSS5.8AI score0.00335EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/02/12 1:0 p.m.36 views

CVE-2026-2007 PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

8.2CVSS0.00335EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/02/12 1:0 p.m.5 views

CVE-2026-2007 PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

8.2CVSS5.8AI score0.00335EPSS
Exploits0References1
AlpineLinux
AlpineLinuxadded 2026/02/12 1:0 p.m.5 views

CVE-2026-2007

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

8.2CVSS5.8AI score0.00335EPSS
Exploits0
Debian CVE
Debian CVEadded 2026/02/12 1:0 p.m.8 views

CVE-2026-2007

Heap buffer overflow in PostgreSQL pgtrgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and...

8.2CVSS5.6AI score0.00335EPSS
Exploits0
Rows per page
Query Builder