| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-2007 | PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory | - | PostgreSQL | High | 8.2 | 2026-02-12 13:00:11 | Deep Dive |
| CVE-2026-2006 | PostgreSQL missing validation of multibyte character length executes arbitrary code | - | PostgreSQL | High | 8.8 | 2026-02-12 13:00:10 | Deep Dive |
| CVE-2026-2005 | PostgreSQL pgcrypto heap buffer overflow executes arbitrary code | - | PostgreSQL | High | 8.8 | 2026-02-12 13:00:10 | Deep Dive |
| CVE-2026-2004 | PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code | - | PostgreSQL | High | 8.8 | 2026-02-12 13:00:09 | Deep Dive |
| CVE-2026-2003 | PostgreSQL oidvector discloses a few bytes of memory | - | PostgreSQL | Medium | 4.3 | 2026-02-12 13:00:06 | Deep Dive |
| CVE-2026-2361 | Improper search_path protection in PostgreSQL Anonymizer 2.5 allows any user with create privilege to gain superuser privileges | DALIBO | PostgreSQL Anonymizer | High | 8.0 | 2026-02-11 17:48:04 | Deep Dive |
| CVE-2026-2360 | Improper search_path protection in PostgreSQL Anonymizer 2.5 allows any user to gain superuser privileges in PostgreSQL 14 | DALIBO | PostgreSQL Anonymizer | High | 8.0 | 2026-02-11 17:47:56 | Deep Dive |
| CVE-2025-10703 | Progress多款产品 代码注入漏洞 | Progress | DataDirect Connect for JDBC for Amazon Redshift | - | - | 2025-11-19 15:47:08 | Deep Dive |
| CVE-2025-10702 | Progress多款产品 代码注入漏洞 | Progress | DataDirect Connect for JDBC for Amazon Redshift | - | - | 2025-11-19 15:46:27 | Deep Dive |
| CVE-2025-12818 | PostgreSQL libpq undersizes allocations, via integer wraparound | - | PostgreSQL | Medium | 5.9 | 2025-11-13 13:00:13 | Deep Dive |
| CVE-2025-12817 | PostgreSQL CREATE STATISTICS does not check for schema CREATE privilege | - | PostgreSQL | Low | 3.1 | 2025-11-13 13:00:12 | Deep Dive |
| CVE-2025-8715 | PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server | - | PostgreSQL | High | 8.8 | 2025-08-14 13:00:08 | Deep Dive |
| CVE-2025-8714 | PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client | - | PostgreSQL | High | 8.8 | 2025-08-14 13:00:07 | Deep Dive |
| CVE-2025-8713 | PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table | - | PostgreSQL | Low | 3.1 | 2025-08-14 13:00:06 | Deep Dive |
| CVE-2025-5690 | Cursor allows PostgreSQL Anonymizer masked user to gain unauthorized access to authentic data | DALIBO | PostgreSQL Anonymizer | Medium | 6.5 | 2025-06-04 21:34:47 | Deep Dive |
| CVE-2025-4207 | PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation | - | PostgreSQL | Medium | 5.9 | 2025-05-08 14:22:46 | Deep Dive |
| CVE-2025-1094 | PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation | - | PostgreSQL | High | 8.1 | 2025-02-13 13:00:02 | Deep Dive |
| CVE-2024-10979 | PostgreSQL PL/Perl environment variable changes execute arbitrary code | - | PostgreSQL | High | 8.8 | 2024-11-14 13:00:09 | Deep Dive |
| CVE-2024-10978 | PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID | - | PostgreSQL | Medium | 4.2 | 2024-11-14 13:00:07 | Deep Dive |
| CVE-2024-10977 | PostgreSQL libpq retains an error message from man-in-the-middle | - | PostgreSQL | Low | 3.1 | 2024-11-14 13:00:06 | Deep Dive |