CVE-2026-2004

HIGH

RHSA-2026:4544 Red Hat Security Advisory: postgresql:16 security update

Details

CVSS v3: 8.8
NVD published: 2026-02-12 14:16:02
EPSS: 0.1% probability · 30.1th percentile — 2026-03-12
Affected versions: cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
Summary: Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.
Remediation: Not available in our cache.
Exploit info: Not available in our cache.

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.