PostgreSQL
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*
- >= 18, < 18.4
- >= 17, < 17.10
A SQL injection vulnerability has been identified in PostgreSQL's pg_createsubscriber utility. It allows an attacker who holds the pg_create_subscription role to execute arbitrary SQL commands as a superuser. The flaw is present in major versions 17 and 18, specifically in minor releases prior to PostgreSQL 18.4 and 17.10; versions earlier than PostgreSQL 17 are not affected. The injected SQL only takes effect when pg_createsubscriber is executed.
Exploitation could lead to unauthorized execution of SQL commands with superuser privileges, potentially allowing significant manipulation of the database or its contents.
Users should upgrade to PostgreSQL 18.4 or 17.10 to address this vulnerability.
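An added audit query, not part of this record, that checks a server against the fixed releases named above and lists the non-superuser roles that hold pg_create_subscription (the role the attacker needs). It assumes the standard server_version_num encoding (major * 10000 + minor, so 17.10 is 170010 and 18.4 is 180004) and only reads the pg_roles catalog, which any role can query.

```sql
-- 1. Is this server's release inside the affected ranges (>= 17 < 17.10, >= 18 < 18.4)?
SELECT current_setting('server_version') AS server_version,
       CASE
         WHEN current_setting('server_version_num')::int BETWEEN 170000 AND 170009
           THEN 'affected: upgrade to 17.10 or later'
         WHEN current_setting('server_version_num')::int BETWEEN 180000 AND 180003
           THEN 'affected: upgrade to 18.4 or later'
         WHEN current_setting('server_version_num')::int < 170000
           THEN 'not affected (pre-17 release)'
         ELSE 'fixed release'
       END AS status;

-- 2. Which roles hold pg_create_subscription, directly or through membership,
--    and are not already superusers? These are the roles whose privileges
--    this issue would escalate if pg_createsubscriber is run against the server.
SELECT r.rolname,
       r.rolcanlogin
FROM pg_roles AS r
WHERE pg_has_role(r.oid, 'pg_create_subscription', 'MEMBER')
  AND NOT r.rolsuper
  AND r.rolname <> 'pg_create_subscription'
ORDER BY r.rolname;
```

On an affected release, treat every role returned by the second query as a privilege-escalation candidate until the server is upgraded.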