Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
PostgreSQL Use of Externally-Controlled Format String Vulnerability - CVE-2026-6474 - Vulnerability Database
PostgreSQL

PostgreSQL Use of Externally-Controlled Format String Vulnerability - CVE-2026-6474

Medium
Reference: CVE-2026-6474
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2026-6474
Title: PostgreSQL Use of Externally-Controlled Format String Vulnerability
Overview:

Externally-controlled format string in PostgreSQL timeofday() function allows an attacker to retrieve portions of server memory via crafted timezone zones. Versions before PostgreSQL 18.4 17.10 16.14 15.18 and 14.23 are affected.