HIGHCVE-2026-6476Published Modified CNA PostgreSQL
CVE-2026-6476: PostgreSQL pg_createsubscriber allows SQL injection via subscription name
SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pg_createsubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected. Versions before PostgreSQL 17 are unaffected.
Metrics
- CVSS v3.1
- 7.2
- Severity
- HIGH
- Fixed in
- 17.10
- Affected Products
- 1
Fix available
17.1018.4
Affected packages
- n/a / PostgreSQL< 18.4 (from 18) · < 17.10 (from 17)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HReferences