PostgreSQL – TheCyberThrone

CVE-2026-20253 — Splunk Enterprise Unauthenticated RCE

Severity: CriticalCVSS v3.1 Score: 9.8CWE: CWE-306 — Missing Authentication for Critical FunctionVendor Advisory: SVD-2026-0603 What Is Vulnerable CVE-2026-20253 affects Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform…

PravinKarthik June 14, 2026

CVE-2026-2005 | PostgreSQL pgcrypto — Heap Buffer Overflow

Vulnerability Summary CVE-2026-2005 is a heap buffer overflow vulnerability in the PostgreSQL pgcrypto extension. A ciphertext provider can trigger the overflow to execute arbitrary code as the operating system user…

PravinKarthik May 24, 2026

CVE-2025-1094 impacts PostgreSQL with SQL Injection

CVE-2025-1094 is a critical security vulnerability affecting the PostgreSQL interactive tool psql. This vulnerability presents significant risks to the integrity and security of database systems using PostgreSQL. Nature of the…

PravinKarthik February 15, 2025

PostgreSQL fixes CVE-2024-10979

Security researchers have discovered that a vulnerability in PostgreSQL has the potential to compromise the security of countless databases worldwide This vulnerability is tracked as CVE-2024-10979, with a CVSS score…

PravinKarthik November 16, 2024

PostgreSQL TOCTOU Vulnerability CVE-2024-7348

PostgreSQL has released a security advisory, related to a vulnerability that exposes users to the risk of arbitrary SQL execution during pg_dump operations, potentially allowing attackers to execute harmful functions…

PravinKarthik August 13, 2024

Azure Security

Cross Tenant bug in PostgreSQL

Microsoft has patched a flaw in Azure PostgreSQL which could have been exploited to execute malicious code described as a cross-account database vulnerability in Azure's infrastructure. According to researchers, a…

PravinKarthik April 28, 2022