CVE-2026-2006

ADVISORY - nist

Summary

Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.

EPSS Score⁠: 0.00071 (0.217)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-129⁠

Improper Validation of Array Index

ADVISORY - redhat

CWE-1285⁠

Improper Validation of Specified Index, Position, or Offset in Input

Impacted images

Advisories

NIST

CREATED

8 days ago

UPDATED

8 days ago

ADVISORY IDCVE-2026-2006⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-129⁠

CVSS SCORE

8.8high

Alpine

CREATED

5 days ago

UPDATED

5 days ago

ADVISORY IDCVE-2026-2006⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

8 days ago

UPDATED

5 hours ago

ADVISORY IDCVE-2026-2006⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

7 days ago

UPDATED

7 days ago

ADVISORY IDCVE-2026-2006⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

4 days ago

UPDATED

4 days ago

ADVISORY ID

BIT-postgresql-2026-2006

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

8.8high

Red Hat

CREATED

8 days ago

UPDATED

7 days ago

ADVISORY IDCVE-2026-2006⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-1285⁠

CVSS SCORE

8.8high

minimos

CREATED

7 days ago

UPDATED

7 days ago

ADVISORY ID

MINI-3mvw-743p-p89h

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

7 days ago

UPDATED

7 days ago

ADVISORY ID

MINI-8948-336c-jxqf

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

7 days ago

UPDATED

7 days ago

ADVISORY ID

MINI-f4jm-5gcw-wrrp

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

7 days ago

UPDATED

7 days ago

ADVISORY ID

MINI-qqqc-gxgp-249h

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

7 days ago

UPDATED

7 days ago

ADVISORY ID

MINI-r2g3-cxvm-rm4h

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

7 days ago

UPDATED

7 days ago

ADVISORY ID

MINI-rv4f-cj7h-q55v

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY