Primary

Context

PostgreSQL pg_trgm Heap Buffer Overflow Vulnerability

Vulnerability

Patched

A heap buffer overflow vulnerability has been identified in the PostgreSQL `pg_trgm` extension, affecting versions 18.1 and 18.0. This vulnerability allows a database user to manipulate memory through a crafted input string. While the exact impacts are unknown, there is a possibility that such an attack could lead to privilege escalation.

Impact

Exploitation of this vulnerability causes a heap buffer overflow, which can potentially be leveraged for arbitrary code execution or privilege escalation.

Remediation

Users can upgrade to PostgreSQL version 18.2 to address this vulnerability.

Added: Feb 12, 2026, 3:02 PM

Updated: Feb 12, 2026, 4:03 PM

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

1.9

exploitability

4.5

remediation

7.7

relevance

3.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

1.9

exploitability

4.5

remediation

7.7

relevance

3.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PostgreSQL pg_trgm Heap Buffer Overflow Vulnerability

Vulnerability

Impact

Remediation

Affected Products

PostgreSQL

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating