CVE-2025-2291 | PgBouncer up to 1.24.0 auth_query a key past its expiration date

A vulnerability was found in PgBouncer up to 1.24.0. It has been classified as critical. Affected is the function auth_query. The manipulation leads to use of a key past its expiration date.

This vulnerability is traded as CVE-2025-2291. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More