PostgreSQL Uncontrolled Recursion Vulnerability - CVE-2026-6479

Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AF_UNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled an attacker can do the same via access to a PostgreSQL TCP socket. Versions before PostgreSQL 18.4 17.10 16.14 15.18 and 14.23 are affected.