{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-2006","assignerOrgId":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","state":"PUBLISHED","assignerShortName":"PostgreSQL","dateReserved":"2026-02-05T18:17:56.273Z","datePublished":"2026-02-12T13:00:10.490Z","dateUpdated":"2026-02-26T14:44:21.358Z"},"containers":{"cna":{"providerMetadata":{"orgId":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","shortName":"PostgreSQL","dateUpdated":"2026-02-12T13:00:10.490Z"},"title":"PostgreSQL missing validation of multibyte character length executes arbitrary code","descriptions":[{"lang":"en","value":"Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffer overrun.  That suffices to execute arbitrary code as the operating system user running the database.  Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected."}],"affected":[{"defaultStatus":"unaffected","product":"PostgreSQL","vendor":"n/a","versions":[{"lessThan":"18.2","status":"affected","version":"18","versionType":"rpm"},{"lessThan":"17.8","status":"affected","version":"17","versionType":"rpm"},{"lessThan":"16.12","status":"affected","version":"16","versionType":"rpm"},{"lessThan":"15.16","status":"affected","version":"15","versionType":"rpm"},{"lessThan":"14.21","status":"affected","version":"0","versionType":"rpm"}]}],"problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-129","type":"CWE","description":"Improper Validation of Array Index"}]}],"references":[{"url":"https://www.postgresql.org/support/security/CVE-2026-2006/"}],"metrics":[{"format":"CVSS","cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH"}}],"credits":[{"lang":"en","value":"The PostgreSQL project thanks Paul Gerste and Moritz Sanft, as part of zeroday.cloud, for reporting this problem."}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2026-2006","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2026-02-13T04:56:31.919502Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-26T14:44:21.358Z"}}]}}