CVE-2026-6474 | PostgreSQL up to 18.3 Timezone timeofday format string

A vulnerability marked as critical has been reported in PostgreSQL up to 14.22/15.17/16.13/17.9/18.3. This affects the function timeofday of the component Timezone Handler. This manipulation causes format string.

This vulnerability is handled as CVE-2026-6474. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More