CVE-2026-6473
Severity CVSS v4.0:
Pending analysis
Type:
CWE-190
Integer Overflow or Wraparound
Publication date:
14/05/2026
Last modified:
06/07/2026
Description
Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user inputs to the relevant database functions, the application input provider may achieve a segmentation fault. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* | 14.23 (excluding) | |
| cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* | 15.0 (including) | 15.18 (excluding) |
| cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* | 16.0 (including) | 16.14 (excluding) |
| cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* | 17.0 (including) | 17.10 (excluding) |
| cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:* | 18.0 (including) | 18.4 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://www.postgresql.org/support/security/CVE-2026-6473/
- https://access.redhat.com/errata/RHSA-2026:22878
- https://access.redhat.com/errata/RHSA-2026:26181
- https://access.redhat.com/errata/RHSA-2026:26203
- https://access.redhat.com/errata/RHSA-2026:26204
- https://access.redhat.com/errata/RHSA-2026:26524
- https://access.redhat.com/errata/RHSA-2026:26525
- https://access.redhat.com/errata/RHSA-2026:26561
- https://access.redhat.com/errata/RHSA-2026:27718
- https://access.redhat.com/errata/RHSA-2026:27738
- https://access.redhat.com/errata/RHSA-2026:27741
- https://access.redhat.com/errata/RHSA-2026:27742
- https://access.redhat.com/errata/RHSA-2026:27743
- https://access.redhat.com/errata/RHSA-2026:28037
- https://access.redhat.com/errata/RHSA-2026:28143
- https://access.redhat.com/errata/RHSA-2026:28999
- https://access.redhat.com/errata/RHSA-2026:29212
- https://access.redhat.com/errata/RHSA-2026:29815
- https://access.redhat.com/errata/RHSA-2026:29904
- https://access.redhat.com/errata/RHSA-2026:29953
- https://access.redhat.com/errata/RHSA-2026:32983
- https://access.redhat.com/errata/RHSA-2026:32994
- https://access.redhat.com/errata/RHSA-2026:33441
- https://access.redhat.com/errata/RHSA-2026:33497
- https://access.redhat.com/errata/RHSA-2026:34043
- https://access.redhat.com/errata/RHSA-2026:34362
- https://access.redhat.com/errata/RHSA-2026:34363
- https://access.redhat.com/errata/RHSA-2026:35880
- https://access.redhat.com/security/cve/CVE-2026-6473
- https://bugzilla.redhat.com/show_bug.cgi?id=2477448
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6473.json



