PostgreSQL Incorrect Permission Assignment for Critical Resource Vulnerability - CVE-2018-1115
postgresql before versions 10.4 9.6.9 is vulnerable in the adminpack extension the pg_catalog.pg_logfile_rotate() function doesn39t follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database an attacker able to connect to it could exploit this to force log rotation.