CVE-2026-11400

CVE-2026-11400 describes an untrusted search path vulnerability in the GlobalDatabasePlugin of the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL. A remote authenticated low-privilege actor can escalate privileges to another Amazon RDS user, including rds_superuser, by creating a crafted ...

CVE-2026-6477

A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...

📄 Drupal core 10.5.5 SQL Injection

This proof of concept demonstrates an error-based remote SQL injection vulnerability in Drupal core version 10.5.5 PostgreSQL. User-controlled JSON:API filter array keys influence SQL query construction, allowing database information disclosure through SQL error messages. Exploit Title: Drupal Co...

CVE-2026-45288 Marten has an SQL injection vulnerability in its full-text search regConfig parameter

Marten is a .NET Transactional Document DB and Event Store on PostgreSQL. Prior to 8.36.1, Marten's full-text search APIs interpolated the user-supplied regConfig parameter directly into the generated SQL without parameterization or validation, making every code path that exposes regConfig to...

CVE-2026-44477 CloudNativePG: Metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE

CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...

CVE-2026-6478

A flaw was found in PostgreSQL. This vulnerability, a covert timing channel, exists in the comparison of MD5-hashed passwords during authentication. A remote attacker could exploit this to recover user credentials, gaining unauthorized access to the database. This issue specifically impacts...

CVE-2026-9617

CVE-2026-9617 — PostgreSQL Anonymizer: A vulnerability lets a user gain superuser privileges by creating a table and embedding malicious code in a column identifier, executed when a superuser runs the k_anonymity() function. Affected environment includes PostgreSQL Anonymizer extensions; higher r...

CLSA-2026-1779870008 Fix of 7 CVEs

SECURITY UPDATE: postgresql May-2026 CVE batch - debian/patches/CVE-2026-6473.patch: integer overflow fixes across multiple vulnerable sites: formatting.c size calculations mulsize, intarray/ltxtquery findoprnd left-offset overflow with int16 check, ltree lquery numvar/totallen overflow with...

Twenty 安全漏洞

Twenty is an open-source CRM platform developed by Twenty. Versions 1.7.7 to 1.16.7 of Twenty contain security vulnerabilities. These vulnerabilities stem from SQL injection attacks via uncleaned timeZone parameters and PostgreSQL COPY TO PROGRAM attacks, which may allow authenticated users to...

twitter-clone SQL注入漏洞

twitter-clone is an application by Fiffe Individual Developers. twitter-clone uses + Vue 3 + light to go development + TailwindCSS + PostgreSQL + recapitulation Twitter-Clone version 1 suffers from a SQL injection vulnerability that stems from the injection of SQL code via the userid parameter in...

Exploit for Path Traversal in Fortinet Fortiproxy

CVE-2018-13379 — Mass Exploit for Fortine...

CLSA-2026-1779494089 Fix of 7 CVEs

SECURITY UPDATE: PostgreSQL 2026-05-14 security batch CVE-2026-6473, 6474, 6475, 6477, 6478, 6479, 6637. Backports adapted from upstream REL14STABLE to PG 12 source. - debian/patches/CVE-2026-6473.patch: integer wraparound in tsheadline and ltree lquery parsing; bound...

Imperva Customers Protected Against CVE-2026-9082 in Drupal Core

TL;DR:CVE-2026-9082 is a highly critical SQL injection vulnerability in Drupal core that can be exploited by unauthenticated users against Drupal sites using PostgreSQL. The vulnerability affects Drupal’s database abstraction API and can allow specially crafted requests to trigger arbitrary SQL...

Exploit for CVE-2026-9082

CVE-2026-9082 — Drupal Core PostgreSQL SQL Injection PoC...

Astra Linux - уязвимость в rails

The PostgreSQL adapter in Active Record before versions 6.1.2.1, 6.0.3.5, and 5.2.4.5 is vulnerable to a regular expression denial of service REDoS vulnerability. Carefully crafted inputs can cause the input validation for the money type in the PostgreSQL adapter in Active Record to spend too muc...

postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database...

postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code

A heap based buffer overflow flaw has been discovered in PostgreSQL. This Heap buffer overflow is in the pgcrypto component and allows a ciphertext provider to execute arbitrary code as the operating system user running the database...

postgresql: PostgreSQL oidvector discloses a few bytes of memory

A type validation flaw has been discovered in postgresql. Improper validation of the type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. It is possible that this may expose confidential information but it is unlikely...

postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database...

postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code

A heap based buffer overflow flaw has been discovered in PostgreSQL. This Heap buffer overflow is in the pgcrypto component and allows a ciphertext provider to execute arbitrary code as the operating system user running the database...