postgresql18 (SUSE:Linux Enterprise Module for Package Hub 15 SP7) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Package Hub 15 SP7 package postgresql18, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2026-2004 — CVSS 8.8 (high): Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute…
CVE-2026-2005 — CVSS 8.8 (high): Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the…
CVE-2026-2006 — CVSS 8.8 (high): Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that…
CVE-2026-2007 — CVSS 8.2 (high): Heap buffer overflow in PostgreSQL pg_trgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has…
CVE-2025-12818 — CVSS 5.9 (medium): Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause…
CVE-2026-2003 — CVSS 4.3 (medium): Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled…
CVE-2025-12817 — CVSS 3.1 (low): Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE…