PostgreSQL: Updates patch high-risk security vulnerabilities

With new PostgreSQL releases, developers are closing several security vulnerabilities. Some are high-risk.


Several security vulnerabilities have been discovered in the PostgreSQL database server, some of which allow attackers to inject SQL commands or corrupt memory. Updated releases are available, and administrators should install them promptly.

The PostgreSQL developers write in a release announcement that the newly available versions 18.4, 17.10, 16.14, 15.18, and 14.23 fix a total of eleven vulnerabilities. Several of these narrowly miss being classified as critical. An integer underflow in several functions lets attackers cause the server to allocate memory areas that are too small and then write outside the intended boundaries, which leads to segmentation faults, i.e. crashes (CVE-2026-6473, CVSS 8.8, risk "high"). Because pg_basebackup and pg_rewind follow symbolic links, a superuser on the origin (source) server can overwrite local files on the machine running these tools, such as "/var/lib/postgres/.bashrc", and thereby take over the operating-system account (CVE-2026-6475, CVSS 8.8, risk "high"). A further vulnerability allows a server superuser to overwrite memory on the stack of a connecting client (CVE-2026-6477, CVSS 8.8, risk "high").

Finally, a stack-based buffer overflow in the refint contrib module allows database users with low privileges to execute arbitrary code under the operating-system account that runs the database server; SQL injection is also possible through the same flaw (CVE-2026-6637, CVSS 8.8, risk "high"). The developers classify two further vulnerabilities as high risk, four as medium risk, and one as low risk.


In addition to the eleven vulnerabilities, the developers fixed more than 60 bugs in the updated releases. The release announcement lists 24 of them, most of which affect PostgreSQL 18. The download page of the PostgreSQL project offers current installer packages for the major operating systems and several Linux distributions.
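The quickest way to tell whether a given server already runs one of the fixed releases named above is to compare its `server_version_num` (PostgreSQL encodes this as major * 10000 + minor, so 17.9 is 170009) against the fixed minor releases. The following check is an added example by the editor, not code from the PostgreSQL project or from the article; it assumes you obtain the version number yourself, for instance with `psql -At -c "SHOW server_version_num"`, and feeds it to `is_patched_num`. The text form returned by `SELECT version()` is also handled.

```python
"""Added example: classify a PostgreSQL server version against the fixed releases
18.4, 17.10, 16.14, 15.18 and 14.23 from this announcement (editor's code, not the
project's). Obtain the input with:  psql -At -c "SHOW server_version_num"
"""
import re
from typing import Optional, Tuple

# First minor release of each supported major line that carries the fixes.
FIXED_RELEASES = {18: 4, 17: 10, 16: 14, 15: 18, 14: 23}


def split_version_num(version_num: int) -> Tuple[int, int]:
    """server_version_num is major*10000 + minor for PostgreSQL 10 and later,
    e.g. 170009 -> (17, 9)."""
    return divmod(version_num, 10000)


def parse_version_string(version: str) -> Optional[Tuple[int, int]]:
    """Pull (major, minor) out of SELECT version() / SHOW server_version output,
    e.g. 'PostgreSQL 17.9 on x86_64-pc-linux-gnu, compiled by ...' -> (17, 9).
    Returns None for strings without a dotted release number (e.g. betas)."""
    m = re.search(r"\b(\d+)\.(\d+)\b", version)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2))


def is_patched(major: int, minor: int) -> Optional[bool]:
    """True if (major, minor) is at or above the fixed release of its major line,
    False if it is older, None if the major line got no fixed release in this
    round (pre-14 lines or unknown versions): treat None as 'not covered'."""
    fixed_minor = FIXED_RELEASES.get(major)
    if fixed_minor is None:
        return None
    return minor >= fixed_minor


def is_patched_num(version_num: int) -> Optional[bool]:
    """Convenience wrapper for the numeric form from SHOW server_version_num."""
    major, minor = split_version_num(version_num)
    return is_patched(major, minor)


def assess(version_text: str) -> str:
    """Human-readable verdict for the output of SELECT version()."""
    parsed = parse_version_string(version_text)
    if parsed is None:
        return "unknown: could not find a major.minor release number"
    major, minor = parsed
    verdict = is_patched(major, minor)
    if verdict is None:
        return f"{major}.{minor}: no fixed release in this round, check support status"
    if verdict:
        return f"{major}.{minor}: already at or above {major}.{FIXED_RELEASES[major]}"
    return f"{major}.{minor}: VULNERABLE, update to {major}.{FIXED_RELEASES[major]} or later"


if __name__ == "__main__":
    # Constructed sample input, not captured from a real server.
    sample = "PostgreSQL 17.9 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 12.2.0, 64-bit"
    print(assess(sample))
    print(assess("PostgreSQL 18.4 on aarch64-unknown-linux-gnu"))
```

Run the script against the output of `SELECT version()` from each instance in your fleet; anything reported as VULNERABLE, or with no fixed release in this round, needs attention. Note that point releases also ship as distribution packages with vendor suffixes (for example "17.10-1.pgdg"), which the regex ignores on purpose.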

(dmk)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.