CNNVD-202602-2127 Information

CNNVD ID

CNNVD-202602-2127

Related CVE

CVE-2026-2003

• CNNVD Published: 2026-02-12

Description (Chinese)

PostgreSQL是PostgreSQL组织的一套自由的对象关系型数据库管理系统。该系统支持大部分SQL标准并且提供了许多其他特性，例如外键、触发器、视图等。 PostgreSQL 18.2之前版本、17.8之前版本、16.12之前版本、15.16之前版本和14.21之前版本存在安全漏洞，该漏洞源于对oidvector类型验证不当，可能导致泄露服务器内存。

Description (English)

PostgreSQL is a free client relationship database management system organized by PostgreSQL. The system supports most SQL standards and provides many other features, such as external keys, triggers, views, etc. Pre-PostgreSQL 18.2, pre-17.8, pre-16.12, pre-15.16 and pre-14.21 have security loopholes, which stem from inadequate verification of the Oidvector type and may lead to the disclosure of the server memory.

Vulnerability Type

其他

Affected Vendor

PostgreSQL

Published

2026-02-12

Last Modified

2026-02-24

References

https://www.postgresql.org/support/security/CVE-2026-2003/

Patch

https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/