PgBouncer · PgBouncer · CVE-2026-6664
**Name of the Vulnerable Software and Affected Versions**
PgBouncer versions prior to 1.25.2
**Description**
An integer overflow in the network packet parsing code allows an unauthenticated remote attacker to bypass a boundary check. By sending a malformed SCRAM authentication packet, the attacker can cause the system to crash, resulting in a denial of service.
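The bug class described above, as an added illustration that is not PgBouncer's code: a length check whose addition wraps, next to a form that cannot wrap. The field layout (4-byte big-endian length, then payload), the sample buffers and all function names are assumptions made for this example; the page does not identify the affected function or packet field.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample buffers for a hypothetical field layout:
 * 4-byte big-endian length, then that many payload bytes. */
static const uint8_t SAMPLE_OK[]  = {0x00, 0x00, 0x00, 0x03, 'a', 'b', 'c'};
static const uint8_t SAMPLE_BAD[] = {0xFF, 0xFF, 0xFF, 0xFD, 'a', 'b', 'c', 'd'};

/* Flawed: pos + want is computed modulo 2^32, so a huge 'want' wraps to a
 * small sum and passes the comparison. */
static bool fits_flawed(uint32_t pos, uint32_t want, uint32_t buf_len)
{
    return pos + want <= buf_len;
}

/* Hardened: compare against the bytes remaining; the subtraction cannot
 * wrap because pos <= buf_len is checked first. */
static bool fits_checked(uint32_t pos, uint32_t want, uint32_t buf_len)
{
    return pos <= buf_len && want <= buf_len - pos;
}

typedef bool (*fits_fn)(uint32_t, uint32_t, uint32_t);

/* Returns the declared payload length if the chosen check accepts the
 * field, or -1 if it rejects it. The payload is never dereferenced here. */
static int64_t field_len(const uint8_t *buf, uint32_t buf_len, fits_fn fits)
{
    if (!fits(0, 4, buf_len))
        return -1;
    uint32_t n = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
                 ((uint32_t)buf[2] << 8)  |  (uint32_t)buf[3];
    return fits(4, n, buf_len) ? (int64_t)n : -1;
}

int main(void)
{
    printf("ok/checked:  %lld\n", (long long)field_len(SAMPLE_OK, sizeof SAMPLE_OK, fits_checked));
    printf("bad/flawed:  %lld\n", (long long)field_len(SAMPLE_BAD, sizeof SAMPLE_BAD, fits_flawed));
    printf("bad/checked: %lld\n", (long long)field_len(SAMPLE_BAD, sizeof SAMPLE_BAD, fits_checked));
    return 0;
}
```

The flawed check accepts a declared length far larger than the 8-byte buffer, which is the kind of bypassed boundary check that lets a later read run past the data; the hardened check rejects it.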
**Recommendations**
Update to version 1.25.2.