CVE-2026-6638
Last modified
CVE-2026-6638 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. EPSS estimates a 0.18% chance of exploitation in the next 30 days.
Description
SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials. The attack takes effect at the next REFRESH PUBLICATION. Within major versions 16, 17, and 18, minor versions before PostgreSQL 18.4, 17.10, and 16.14 are affected. Versions before PostgreSQL 16 are unaffected.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Postgresql | Postgresql | >= 16.0, < 16.14 |
| Postgresql | Postgresql | >= 17.0, < 17.10 |
| Postgresql | Postgresql | >= 18.0, < 18.4 |
References
- https://www.postgresql.org/support/security/CVE-2026-6638/Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-6638?
How severe is CVE-2026-6638?
How do I fix CVE-2026-6638?
Are you affected by CVE-2026-6638?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST