PT-2026-7845 · Unknown+5 · Postgresql+4

Team Xint Code

·

Published

2026-01-01

·

Updated

2026-05-19

·

CVE-2026-2005

CVSS v2.0

9.0

High

VectorAV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.2 PostgreSQL versions prior to 17.8 PostgreSQL versions prior to 16.12 PostgreSQL versions prior to 15.16 PostgreSQL versions prior to 14.21
Description A heap buffer overflow in the pgcrypto component allows a ciphertext provider to execute arbitrary code as the operating system user running the database. This issue may enable a remote attacker or a low-privilege user to achieve remote code execution (RCE).
Recommendations Update to version 18.2 Update to version 17.8 Update to version 16.12 Update to version 15.16 Update to version 14.21 As a temporary workaround, consider restricting the use of the pgcrypto module to minimize the risk of exploitation.

Fix

DoS

RCE

Heap Based Buffer Overflow

Weakness Enumeration

CWE-122

Related Identifiers

ALSA-2026:19009
ALSA-2026:19010
ALSA-2026:3730
ALSA-2026:3887
ALSA-2026:3896
ALSA-2026:4024
ALSA-2026:4059
ALSA-2026:4063
ALSA-2026:4064
ALSA-2026:4110
AZL-77417
AZL-77586
BDU:2026-01722
BIT-POSTGRESQL-2026-2005
CVE-2026-2005
ECHO-D29C-18A6-323F
JLSEC-2026-55
MGASA-2026-0041
OESA-2026-1493
OESA-2026-1494
OESA-2026-1495
OESA-2026-1496
OESA-2026-1512
OESA-2026-1513
OESA-2026-1514
OESA-2026-1515
OESA-2026-1531
OPENSUSE-SU-2026:10190-1
OPENSUSE-SU-2026:10191-1
OPENSUSE-SU-2026:10192-1
OPENSUSE-SU-2026:10193-1
OPENSUSE-SU-2026:10197-1
OPENSUSE-SU-2026:20265-1
OPENSUSE-SU-2026:20266-1
OPENSUSE-SU-2026:20388-1
OPENSUSE-SU-2026:20408-1
OPENSUSE-SU-2026:20447-1
RHSA-2026:3730
RHSA-2026:3887
RHSA-2026:3896
RHSA-2026:4024
RHSA-2026:4059
RHSA-2026:4063
RHSA-2026:4064
RHSA-2026:4074
RHSA-2026:4075
RHSA-2026:4110
RHSA-2026:4254
RHSA-2026:4441
RHSA-2026:4475
RHSA-2026:4504
RHSA-2026:4505
RHSA-2026:4506
RHSA-2026:4509
RHSA-2026:4515
RHSA-2026:4516
RHSA-2026:4518
RHSA-2026:4524
RHSA-2026:4528
RHSA-2026:4544
RHSA-2026:4546
RHSA-2026:4547
RHSA-2026:4548
RHSA-2026:8756
SUSE-SU-2026:0584-1
SUSE-SU-2026:0585-1
SUSE-SU-2026:0586-1
SUSE-SU-2026:0588-1
SUSE-SU-2026:0614-1
SUSE-SU-2026:0615-1
SUSE-SU-2026:0616-1
SUSE-SU-2026:0768-1
SUSE-SU-2026:0770-1
SUSE-SU-2026:0771-1
SUSE-SU-2026:0786-1
SUSE-SU-2026:0881-1
SUSE-SU-2026:0882-1
SUSE-SU-2026:0883-1
SUSE-SU-2026:20587-1
SUSE-SU-2026:20588-1
SUSE-SU-2026:20906-1
SUSE-SU-2026:20921-1
SUSE-SU-2026:20983-1
USN-8072-1

Affected Products

Linuxmint
Postgresql
Red Os
Rocky Linux
Ubuntu