PostgreSQL News Articles
Recent news articles referencing the vendor's vulnerabilities.

PostgreSQL vulnerability exploited in US Treasury attack
Discover how a critical PostgreSQL vulnerability led to a significant cyberattack on the US Treasury, exposing sensitive financial data.

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)
Rapid7 researchers have discovered that the Chinese state-sponsored hackers suspected of being behind the U.S. Treasury attack in December leveraged a
A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) - Help Net Security
The hackers breached the US Treasury by leveraging two zero-days: CVE-2024-12356 (in BeyondTrust RS) and CVE-2025-1094 (in PostgreSQL).
Critical PostgreSQL bug tied to zero-day attack on US Treasury
A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say. Rapid7's principal security...
PostgreSQL bug played key role in zero-day Treasury attack
A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say. Rapid7's principal security...
PostgreSQL Patched Critical SQL Injection Vulnerability
Security researchers at Rapid7 have uncovered a significant SQL injection vulnerability (CVE-2025-1094) affecting PostgreSQL's interactive terminal tool psql. Rapid7 noted the vulnerability discovered during...

PostgreSQL Terminal Tool Injection Vulnerability Allows Remote Code Execution
Researchers have uncovered a high-severity SQL injection vulnerability, CVE-2025-1094, affecting PostgreSQL’s interactive terminal tool, psql.

PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
PostgreSQL SQL injection flaw (CVE-2025-1094) exploited alongside BeyondTrust zero-day, enabling arbitrary code execution.
Targeted Attacks Exploit PostgreSQL Flaw Alongside BeyondTrust Zero-Day Vulnerability - VULNERA
Rapid7's research into a zero-day vulnerability in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) products, identified in December 2024, has led to the discovery of a previously unknown SQL injection flaw in PostgreSQL.
Rapid7 Discovers High-Severity SQL Injection Vulnerability - Australian Cyber Security Magazine
Cybersecurity company Rapid7 has discovered a high-severity SQL injection vulnerability, CVE-2025-1094, affecting the PostgreSQL interactive tool psql. This discovery was made while Rapid7 was performing research into the recent exploitation of CVE-2024-12356 - an unauthenticated remote code executi...
Rapid7 discovers ‘high-severity’ PostgreSQL injection zero-day vulnerability
A high-severity vulnerability in an open-source SQL database has been discovered by the team at cyber security firm Rapid7.
High-severity SQL vulnerability found in PostgreSQL tool
Rapid7 has revealed a critical SQL injection vulnerability in PostgreSQL's psql tool, potentially exposing users to severe security risks.

8.8 Rated PostgreSQL Vulnerability Puts Databases at Risk
Cybersecurity researchers have identified a serious security flaw in PostgreSQL that could lead to data breaches and system compromise.

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables
Critical PostgreSQL flaw (CVE-2024-10979) patched; update now to prevent code execution and data breaches.

PostgreSQL Vulnerability Allows Hackers To Execute Arbitrary SQL Functions
PostgreSQL Vulnerability, pg_dump utility poses a significant security risk, especially when executed by superusers.
PostgreSQL: New security vulnerability! Flaw allows privilege escalation
The BSI has published a current IT security advisory for PostgreSQL. Learn more about the affected operating systems and products as well as the CVE numbers here on news.de.

CVE-2024-0985: A Critical Security Vulnerability in PostgreSQL - OP INNOVATE
CVE-2024-0985 poses a critical risk to PostgreSQL versions 12-15, allowing elevated privilege attacks via specific operations. Immediate upgrade to patched versions (12.18, 13.14, 14.11, 15.6) is crucial. Exercise caution with untrusted materialized views to mitigate potential data breaches.


CVE-2024-0985: PostgreSQL's Critical Security Flaw Exposed
This vulnerability, designated CVE-2024-0985 (CVSS 8.0), could allow attackers to execute malicious code with elevated privileges