CVE-2026-2005

ADVISORY - nist

Summary

Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.

EPSS Score⁠: 0.00066 (0.202)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-122⁠

Heap-based Buffer Overflow

ADVISORY - redhat

CWE-120⁠

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.