PostgreSQL Improper Validation of Array Index Vulnerability - CVE-2026-2006
Reference:
CVE-2026-2006
Title:
PostgreSQL Improper Validation of Array Index Vulnerability
Overview:
Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun. That suffices to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2 17.8 16.12 15.16 and 14.21 are affected.