CVE-2026-6638

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions PostgreSQL versions 16.0 through 16.13 PostgreSQL versions 17.0 through 17.9 PostgreSQL versions 18.0 through 18.3

Description SQL injection in logical replication occurs when using the 'ALTER SUBSCRIPTION ... REFRESH PUBLICATION' command. This allows a subscriber table creator to execute arbitrary SQL using the credentials of the subscription's publication side. The execution is triggered during the subsequent REFRESH PUBLICATION operation.

Recommendations Update versions 16.x to 16.14 Update versions 17.x to 17.10 Update versions 18.x to 18.4

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

BDU:2026-07093

BIT-POSTGRESQL-2026-6638

CVE-2026-6638

ECHO-1169-1A51-1552

OPENSUSE-SU-2026:10808-1

OPENSUSE-SU-2026:10809-1

OPENSUSE-SU-2026:10828-1

USN-8294-1

Affected Products

Linuxmint

Postgresql

Ubuntu

CVE-2026-6638

Weakness Enumeration

Related Identifiers

Affected Products

References · 43