| Bug | Description |
|---|
| CVE-2026-6638 | SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... ... |
| CVE-2026-6637 | Stack buffer overflow in PostgreSQL module "refint" allows an unprivil ... |
| CVE-2026-6575 | Buffer over-read in PostgreSQL function pg_restore_attribute_stats() a ... |
| CVE-2026-6479 | Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an ... |
| CVE-2026-6478 | Covert timing channel in comparison of MD5-hashed password in PostgreS ... |
| CVE-2026-6477 | Use of inherently dangerous function PQfn(..., result_is_int=0, ...) i ... |
| CVE-2026-6476 | SQL injection in PostgreSQL pg_createsubscriber allows an attacker wit ... |
| CVE-2026-6475 | Symlink following in PostgreSQL pg_basebackup plain format and in pg_r ... |
| CVE-2026-6474 | Externally-controlled format string in PostgreSQL timeofday() function ... |
| CVE-2026-6473 | Integer wraparound in multiple PostgreSQL server features allows an un ... |
| CVE-2026-6472 | Missing authorization in PostgreSQL CREATE TYPE allows an object creat ... |
| CVE-2026-2007 | Heap buffer overflow in PostgreSQL pg_trgm allows a database user to a ... |
| CVE-2026-2006 | Missing validation of multibyte character length in PostgreSQL text ma ... |
| CVE-2026-2005 | Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provid ... |
| CVE-2026-2004 | Missing validation of type of input in PostgreSQL intarray extension s ... |
| CVE-2026-2003 | Improper validation of type "oidvector" in PostgreSQL allows a databas ... |
| CVE-2025-12818 | Integer wraparound in multiple PostgreSQL libpq client library functio ... |
| CVE-2025-12817 | Missing authorization in PostgreSQL CREATE STATISTICS command allows a ... |