Lucene search
K

1625 matches found

Vulnrichment
Vulnrichment
added 2026/05/28 3:46 p.m.9 views

CVE-2026-44477 CloudNativePG: Metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE

CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...

9.4CVSS5.8AI score0.0048EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/28 3:46 p.m.10 views

EUVD-2026-32930

CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...

9.4CVSS5.9AI score0.0048EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/28 3:46 p.m.34 views

CVE-2026-44477 CloudNativePG: Metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE

CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...

9.4CVSS0.0048EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:46 p.m.13 views

CVE-2026-44477

CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session with SET ROLE...

9.4CVSS5.9AI score0.0048EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/05/27 2:17 p.m.21 views

CVE-2026-9617

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher wit...

8.8CVSS0.0025EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 1:55 p.m.10 views

CVE-2026-9617

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher wit...

6.8CVSS5.9AI score0.0025EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/05/27 1:55 p.m.11 views

EUVD-2026-32504

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher wit...

6.8CVSS5.9AI score0.0025EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/27 1:55 p.m.9 views

CVE-2026-9617 PostgreSQL Anonymizer: malicious column name allows SQL injection via anon.k_anonymity() function

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher wit...

6.8CVSS5.9AI score0.0025EPSS
Exploits1References1
CVE
CVE
added 2026/05/27 1:55 p.m.36 views

CVE-2026-9617

CVE-2026-9617 — PostgreSQL Anonymizer: A vulnerability lets a user gain superuser privileges by creating a table and embedding malicious code in a column identifier, executed when a superuser runs the k_anonymity() function. Affected environment includes PostgreSQL Anonymizer extensions; higher r...

8.8CVSS5.9AI score0.0025EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/05/27 1:55 p.m.47 views

CVE-2026-9617 PostgreSQL Anonymizer: malicious column name allows SQL injection via anon.k_anonymity() function

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher wit...

6.8CVSS0.0025EPSS
Exploits1References1
OSV
OSV
added 2026/05/27 12:3 a.m.12 views

GHSA-P2RJ-MRMC-9W29 Yamcs vulnerable to unauthorized user enumeration via IAM API endpoints

Summary The IAM API endpoints listUsers, getUser, listGroups, and getGroup in yamcs-core do not enforce the required SystemPrivilege.ControlAccess check. As a result, any authenticated user even those with low or no privileges can enumerate all user accounts in the system, including their...

4.3CVSS5.8AI score0.00028EPSS
Exploits2References2
Github Security Blog
Github Security Blog
added 2026/05/27 12:3 a.m.17 views

Yamcs vulnerable to unauthorized user enumeration via IAM API endpoints

Summary The IAM API endpoints listUsers, getUser, listGroups, and getGroup in yamcs-core do not enforce the required SystemPrivilege.ControlAccess check. As a result, any authenticated user even those with low or no privileges can enumerate all user accounts in the system, including their...

5.8AI score0.00028EPSS
Exploits2References2Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

PostgreSQL Anonymizer 安全漏洞

PostgreSQL Anonymizer is an open-source extension developed by DALIBO in France, designed to mask or replace personally identifiable information PII or commercially sensitive data in PostgreSQL databases. PostgreSQL Anonymizer has a security vulnerability that stems from allowing users to obtain...

8.8CVSS6AI score0.0025EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.20 views

PT-2026-43992

Name of the Vulnerable Software and Affected Versions PostgreSQL Anonymizer versions prior to 3.1.0 Description An issue allows a user to obtain superuser privileges by creating a table and embedding malicious code within a column identifier. When a superuser invokes the k-anonymity function, the...

8.8CVSS5.9AI score0.0025EPSS
Exploits1References3
EUVD
EUVD
added 2026/05/26 5:1 p.m.17 views

EUVD-2026-31907

Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution RCE vulnerability exists in Twenty CRM via a chained SQL Injection and PostgreSQL COPY TO PROGRAM attack. If Postgres user is a super user then any authenticated user can execute arbitrary OS commands on the...

9.9CVSS6.2AI score0.00483EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/26 5:1 p.m.11 views

CVE-2026-46624 Twenty: SQL Injection via the timeZone field

Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution RCE vulnerability exists in Twenty CRM via a chained SQL Injection and PostgreSQL COPY TO PROGRAM attack. If Postgres user is a super user then any authenticated user can execute arbitrary OS commands on the...

9.9CVSS6.2AI score0.00483EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/26 5:1 p.m.47 views

CVE-2026-46624 Twenty: SQL Injection via the timeZone field

Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution RCE vulnerability exists in Twenty CRM via a chained SQL Injection and PostgreSQL COPY TO PROGRAM attack. If Postgres user is a super user then any authenticated user can execute arbitrary OS commands on the...

9.9CVSS0.00483EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Snipe-IT 安全漏洞

Snipe-IT is a set of open-source IT asset/license management systems developed by Grokability. Versions of Snipe-IT prior to 8.4.1 contained security vulnerabilities. These vulnerabilities stemmed from the API controller, which only removed the superuser key from the permission array, potentially...

8.8CVSS5.8AI score0.00314EPSS
Exploits0References3
NVD
NVD
added 2026/05/22 7:17 p.m.14 views

CVE-2026-40172

authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, the PATCH /api/v3/core/users/pk/ API allows a caller with changeuser on a target user to assign arbitrary groups through UserSerializer, including groups with issuperuser=True, without...

8.1CVSS0.00392EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/22 7:0 p.m.8 views

CVE-2026-40172

authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, the PATCH /api/v3/core/users/pk/ API allows a caller with changeuser on a target user to assign arbitrary groups through UserSerializer, including groups with issuperuser=True, without...

8.1CVSS5.9AI score0.00392EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder