CVE-2026-6477 | PostgreSQL up to 18.3 libpq lo_export/lo_read/lo_lseek64/lo_tell64 inherently dangerous function

A vulnerability classified as critical has been found in PostgreSQL up to 14.22/15.17/16.13/17.9/18.3. This issue affects the function lo_export/lo_read/lo_lseek64/lo_tell64 of the component libpq. Performing a manipulation results in use of inherently dangerous function.

This vulnerability was named CVE-2026-6477. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More