Buffer Over-read Vulnerability in PostgreSQL by PostgreSQL Global Development Group
CVE-2026-6575

4.3MEDIUM

Key Information:

Vendor: PostgreSQL Global Development Group
Status: Postgresql
Vendor: CVE Published:; 14 May 2026

🔔 Create PostgreSQL Global Development Group Vulnerability Alert

What is CVE-2026-6575?

A buffer over-read vulnerability exists in the PostgreSQL function pg_restore_attribute_stats(). This issue arises when the function accepts array values of unmatched lengths, leading to query planning that reads beyond the bounds of the array. This situation potentially enables a table maintainer to infer sensitive memory values that lie beyond the end of the array. Specifically, this affects PostgreSQL major version 18, with vulnerable minor versions prior to 18.4. Users of versions before PostgreSQL 18 are not impacted.

Affected Version(s)

PostgreSQL 18 < 18.4

References

https://www.postgresql.org/support/security/CVE-2026-6575/

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2026
Vulnerability Reserved
Apr 19, 2026

Credit

The PostgreSQL project thanks Jeroen Gui for reporting this problem.

CVE-2026-6575 Data

JSON