CVE-2026-6472 | PostgreSQL up to 18.3 search_path authorization

A vulnerability labeled as critical has been found in PostgreSQL up to 14.22/15.17/16.13/17.9/18.3. Affected by this issue is some unknown functionality. The manipulation of the argument search_path results in missing authorization.

This vulnerability is known as CVE-2026-6472. It is possible to launch the attack remotely. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More