CVE-2026-6637

HIGH

PostgreSQL refint allows stack buffer overflow and SQL injection

Title source: cna

Description

Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if the application declares a user-controlled column as a "refint" cascade primary key and facilitates user-controlled updates to that column. In that case, a SQL injection allows a primary key update value provider to execute arbitrary SQL as the database user performing the primary key update. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

References (1)

Core 1

Core References

https://www.postgresql.org/support/security/CVE-2026-6637/

Scores

CVSS v3 8.8

EPSS 0.0004

EPSS Percentile 12.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-121 CWE-89

Status published

Products (6)

None/PostgreSQL < 14.23

None/PostgreSQL 15 - 15.18

None/PostgreSQL 16 - 16.14

None/PostgreSQL 17 - 17.10

None/PostgreSQL 18 - 18.4

postgresql/postgresql < 14.23

Published May 14, 2026

Tracked Since May 14, 2026