CVE-2026-6472

CVE Database · CVE-2026-6472

CVE-2026-6472

· MEDIUMAnalyzed

CVSS v3.1

5.4

EPSS

0.16%

Published

May 14, 2026

Modified

May 18, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use search_path to find user-defined types, including extension-defined types. That is to say, the victim will execute arbitrary SQL functions of the attacker's choice. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Weaknesses (CWE)

CWE-862

Affected Products (5)

postgresql · postgresql (up to 14.23)vulnerable

postgresql · postgresql (up to 15.18)vulnerable

postgresql · postgresql (up to 16.14)vulnerable

postgresql · postgresql (up to 17.10)vulnerable

postgresql · postgresql (up to 18.4)vulnerable

References (1)

https://www.postgresql.org/support/security/CVE-2026-6472/

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs