CVE-2026-6478 | PostgreSQL up to 18.3 covert timing channel

May 14, 2026 Yanac

A vulnerability classified as problematic was found in PostgreSQL up to 14.22/15.17/16.13/17.9/18.3. Impacted is an unknown function. Executing a manipulation can lead to covert timing channel.

The identification of this vulnerability is CVE-2026-6478. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More

CVE-2026-6479 | PostgreSQL up to 18.3 AF_UNIX Socket recursion
CVE-2026-6477 | PostgreSQL up to 18.3 libpq lo_export/lo_read/lo_lseek64/lo_tell64 inherently dangerous function