CVE-2026-6479

ADVISORY - nist

Summary

Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AF_UNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled, an attacker can do the same via access to a PostgreSQL TCP socket. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-674⁠

Uncontrolled Recursion

Impacted images

Advisories

NIST

CREATED

12 hours ago

UPDATED

10 hours ago

ADVISORY IDCVE-2026-6479⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

7.5high

Alpine

CREATED

6 hours ago

UPDATED

6 hours ago

ADVISORY IDCVE-2026-6479⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

10 hours ago

UPDATED

7 hours ago

ADVISORY IDCVE-2026-6479⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY