233591 matches found
CVE-2026-6637
The CVE-2026-6637 issue affects PostgreSQL’s refint module, causing a stack buffer overflow that could allow an unprivileged database user to execute arbitrary OS-level code running the database. A separate attack path exists when an application exposes a user-controlled column as a refint cascad...
CVE-2026-6638
Summary: CVE-2026-6638 is a SQL injection vulnerability in PostgreSQL’s logical replication via ALTER SUBSCRIPTION ... REFRESH PUBLICATION. The issue affects major versions 16, 17, and 18 with specific vulnerable minor versions (16.14, 17.10, 18.4) and is triggered at the next REFRESH PUBLICATION...
EUVD-2026-30290
SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...
CVE-2026-6638 PostgreSQL REFRESH PUBLICATION allows SQL injection via table name
SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...
CVE-2026-6638 PostgreSQL REFRESH PUBLICATION allows SQL injection via table name
SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...
CVE-2026-6638
SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18...
CVE-2026-6476 PostgreSQL pg_createsubscriber allows SQL injection via subscription name
SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...
EUVD-2026-30285
SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...
CVE-2026-6476
SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...
CVE-2026-6476
SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...
CVE-2026-6476
CVE-2026-6476 describes a SQL injection in PostgreSQL pg_createsubscriber. An attacker with pg_create_subscription rights can execute arbitrary SQL as a superuser when pg_createsubscriber runs next. Affected are major versions 17 and 18, with minor versions before PostgreSQL 18.4 and 17.10; versi...
CVE-2026-6476
SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...
CVE-2026-6476 PostgreSQL pg_createsubscriber allows SQL injection via subscription name
SQL injection in PostgreSQL pgcreatesubscriber allows an attacker with pgcreatesubscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pgcreatesubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected...
CVE-2025-11024
Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Blind SQL Injection. This issue affects E-Commerce Website: before 4.5.001...
EUVD-2026-30251
The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'projectsearch' parameter in all versions up to, and including, 5.0.6 due to insufficient escaping on the user supplied parameter and lack of...
CVE-2026-6225 Taskbuilder – Project Management & Task Management Tool With Kanban Board <= 5.0.6 - Authenticated (Subscriber+) Time-Based Blind SQL Injection via 'project_search' Parameter
The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'projectsearch' parameter in all versions up to, and including, 5.0.6 due to insufficient escaping on the user supplied parameter and lack of...
CVE-2026-5486
The Unlimited Elements for Elementor plugin for WordPress is vulnerable to SQL Injection via the 'datafiltersearch' parameter in the getcataddons AJAX action in versions up to and including 2.0.7. This is due to insufficient input sanitization and the use of deprecated escaping functions combined...
DEBIAN-CVE-2026-46446
SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to cpassword = '%@' in changePasswordForLogin...
DEBIAN-CVE-2026-46445
SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection...
CVE-2026-46446
SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to cpassword = '%@' in changePasswordForLogin...