CVE-2026-2005

Publish date: April 26, 2026
Severity: High
CVSS score: 8.8
Package: postgresql-17.6
Affected versions: 17.6-2.pgdg13+1+e3

A heap buffer overflow vulnerability in PostgreSQL's pgcrypto module allows a ciphertext provider to execute arbitrary code with the privileges of the operating system user running the database. This issue affects versions prior to PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21.