CVE-2026-2007

HIGH

8.2

Beschreibung

Heap buffer overflow in PostgreSQL pg_trgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and 18.0 are affected.

CVE Details

CVSS v3.1 Bewertung8.2

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht2/12/2026

Zuletzt geandert2/20/2026

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

postgresql:postgresql

Schwachen (CWE)

CWE-122

Referenzen

https://www.postgresql.org/support/security/CVE-2026-2007/(f86ef6dc-4d3a-42ad-8f28-e6d5547a5007)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.