Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AF_UNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled, an attacker can do the same via access to a PostgreSQL TCP socket. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2086-1 advisory.

    This update for postgresql14 fixes the following issues

    Security issues:

    - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172).
    - CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173).
    - CVE-2026-6474: Guard against malicious time zone names (bsc#1265174).
    - CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175).
    - CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177).
    - CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178).
    - CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179).
    - CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181).

    Other issues:

    - Updated to version 14.23
    - Get rid of update-alternatives for openSUSE/SLE 16.0 and newer      to support immutable systems and transactional updates. (jsc#PED-14823)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2117-1 advisory.

    This update for postgresql14 fixes the following issues

    Update to version 14.23.

    Security issues:

    - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172).
    - CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173).
    - CVE-2026-6474: Guard against malicious time zone names (bsc#1265174).
    - CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175).
    - CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177).
    - CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178).
    - CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179).
    - CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181).

    Non security issue:
    - Get rid of update-alternatives for openSUSE/SLE 16.0 and newer to support immutable systems and     transactional       updates (jsc#PED-14823).
    - /usr/bin/pg_config is missing after migrating away from update-alternatives (bsc#1263804).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2084-1 advisory.

    This update for postgresql16 fixes the following issues

    Security issues:

    - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172).
    - CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173).
    - CVE-2026-6474: Guard against malicious time zone names (bsc#1265174).
    - CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175).
    - CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177).
    - CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178).
    - CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179).
    - CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181).
    - CVE-2026-6638: Properly quote object names in logical replication origin checks (bsc#1265182).

    Non security issue:

    - Update to version 16.13.
    - Get rid of update-alternatives for openSUSE/SLE 16.0 and newer      to support immutable systems and transactional updates. (jsc#PED-14824)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2085-1 advisory.

    This update for postgresql15 fixes the following issues

    Security issues:

    - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172).
    - CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173).
    - CVE-2026-6474: Guard against malicious time zone names (bsc#1265174).
    - CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175).
    - CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177).
    - CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178).
    - CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179).
    - CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181).

    Non security issue:

    - Updated to version 15.18.
    - Get rid of update-alternatives for openSUSE/SLE 16.0 and newer      to support immutable systems and transactional updates. (jsc#PED-14823)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of PostgreSQL installed on the remote host is 14 prior to 14.23, 15 prior to 15.18, 16 prior to 16.14, 17 prior to 17.10, or 18 prior to 18.4. As such, it is potentially affected by multiple vulnerabilities:

  - Stack buffer overflow in PostgreSQL module refint allows an unprivileged database user to execute     arbitrary code as the operating system user running the database. A distinct attack is possible if the     application declares a user-controlled column as a refint cascade primary key and facilitates user-     controlled updates to that column. In that case, a SQL injection allows a primary key update value     provider to execute arbitrary SQL as the database user performing the primary key update. Versions before     PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected. (CVE-2026-6637)

  - Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(),     lo_read(), lo_lseek64(), and lo_tell64() functions allows the server superuser to overwrite a client stack     buffer with an arbitrarily-large response. Like gets(), PQfn(..., result_is_int=0, ...) stores arbitrary-     length, server-determined data into a buffer of unspecified size. Because both the \lo_export command in     psql and pg_dump call lo_read(), the server superuser can overwrite pg_dump or psql stack memory. Versions     before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected. (CVE-2026-6477)

  - Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause     the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the     operating system user running the database. In applications that pass gigabyte-scale user inputs to the     relevant database functions, the application input provider may achieve a segmentation fault. Versions     before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected. (CVE-2026-6473)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8294-1 advisory.

    It was discovered that PostgreSQL did not correctly enforce authorization for CREATE TYPE. An attacker     could possibly use this issue to execute arbitrary SQL functions. (CVE-2026-6472)

    It was discovered that PostgreSQL incorrectly handled large user input in multiple server features. An     attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service, or     execute arbitrary code. (CVE-2026-6473)

    It was discovered that PostgreSQL incorrectly handled format strings in the timeofday() function. An     attacker could possibly use this issue to obtain sensitive information. (CVE-2026-6474)

    It was discovered that PostgreSQL incorrectly followed symbolic links in pg_basebackup and pg_rewind. An     attacker could possibly use this issue to overwrite local files and execute arbitrary code.
    (CVE-2026-6475)

    It was discovered that PostgreSQL had an SQL injection vulnerability in pg_createsubscriber. An attacker     could possibly use this issue to execute arbitrary SQL as a superuser. This issue only affected Ubuntu     25.10 and Ubuntu 26.04 LTS. (CVE-2026-6476)

    It was discovered that PostgreSQL used an unsafe libpq function in large object operations. An attacker     could possibly use this issue to overwrite client memory and execute arbitrary code. (CVE-2026-6477)

    It was discovered that PostgreSQL did not compare MD5-hashed passwords in constant time. An attacker could     possibly use this issue to obtain sensitive information. (CVE-2026-6478)

    It was discovered that PostgreSQL had uncontrolled recursion during SSL and GSS negotiation. An attacker     could possibly use this issue to cause a denial of service. (CVE-2026-6479)

    It was discovered that PostgreSQL incorrectly handled array length mismatches in     pg_restore_attribute_stats(). An attacker could possibly use this issue to obtain sensitive information.
    This issue only affected Ubuntu 26.04 LTS. (CVE-2026-6575)

    It was discovered that PostgreSQL had a stack buffer overflow in the refint module. An attacker could use     this issue to cause PostgreSQL to crash, resulting in a denial of service, or possibly execute arbitrary     code. (CVE-2026-6637)

    It was discovered that PostgreSQL had an SQL injection vulnerability in logical replication REFRESH     PUBLICATION. An attacker could possibly use this issue to execute arbitrary SQL. This issue only affected     Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-6638)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1946-1 advisory.

    This update for postgresql18 fixes the following issues

    Update to version 18.4.

    Security issues:

    - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172).
    - CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173).
    - CVE-2026-6474: Guard against malicious time zone names (bsc#1265174).
    - CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175).
    - CVE-2026-6476: Properly quote subscription names in pg_createsubscriber (bsc#1265176).
    - CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177).
    - CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178).
    - CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179).
    - CVE-2026-6575: Detect faulty input when restoring attribute MCV statistics (bsc#1265180).
    - CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181).
    - CVE-2026-6638: Properly quote object names in logical replication origin checks (bsc#1265182).

    Non security issue:

    - Get rid of update-alternatives for openSUSE/SLE 16.0 and newer to support immutable systems and     transactional       updates (jsc#PED-14820).
    - /usr/bin/pg_config is missing after migrating away from update-alternatives (bsc#1263804).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1943-1 advisory.

    This update for postgresql17 fixes the following issues

    Update to version 17.10.

    Security issues:

    - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172).
    - CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173).
    - CVE-2026-6474: Guard against malicious time zone names (bsc#1265174).
    - CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175).
    - CVE-2026-6476: Properly quote subscription names in pg_createsubscriber (bsc#1265176).
    - CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177).
    - CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178).
    - CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179).
    - CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181).
    - CVE-2026-6638: Properly quote object names in logical replication origin checks (bsc#1265182).

    Non security issue:

    - Get rid of update-alternatives for openSUSE/SLE 16.0 and newer to support immutable systems and     transactional       updates (jsc#PED-14825 bsc#1245875).
    - /usr/bin/pg_config is missing after migrating away from update-alternatives (bsc#1263804).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1945-1 advisory.

    This update for postgresql18 fixes the following issues

    Update to version 18.4.

    Security issues:

    - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172).
    - CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173).
    - CVE-2026-6474: Guard against malicious time zone names (bsc#1265174).
    - CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175).
    - CVE-2026-6476: Properly quote subscription names in pg_createsubscriber (bsc#1265176).
    - CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177).
    - CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178).
    - CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179).
    - CVE-2026-6575: Detect faulty input when restoring attribute MCV statistics (bsc#1265180).
    - CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181).
    - CVE-2026-6638: Properly quote object names in logical replication origin checks (bsc#1265182).

    Non security issue:

    - Get rid of update-alternatives for openSUSE/SLE 16.0 and newer to support immutable systems and     transactional       updates (jsc#PED-14820).
    - /usr/bin/pg_config is missing after migrating away from update-alternatives (bsc#1263804).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1942-1 advisory.

    This update for postgresql16 fixes the following issues

    Update to version 16.13.

    Security issues:

    - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172).
    - CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173).
    - CVE-2026-6474: Guard against malicious time zone names (bsc#1265174).
    - CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175).
    - CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177).
    - CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178).
    - CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179).
    - CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181).
    - CVE-2026-6638: Properly quote object names in logical replication origin checks (bsc#1265182).

    Non security issue:

    - Get rid of update-alternatives for openSUSE/SLE 16.0 and newer to support immutable systems and     transactional       updates (jsc#PED-14824).
    - /usr/bin/pg_config is missing after migrating away from update-alternatives (bsc#1263804).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1944-1 advisory.

    This update for postgresql18 fixes the following issues

    Update to version 18.4.

    Security issues:

    - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified (bsc#1265172).
    - CVE-2026-6473: integer overflows in memory-allocation calculations (bsc#1265173).
    - CVE-2026-6474: Guard against malicious time zone names (bsc#1265174).
    - CVE-2026-6475: Prevent path traversal in pg_basebackup and pg_rewind (bsc#1265175).
    - CVE-2026-6476: Properly quote subscription names in pg_createsubscriber (bsc#1265176).
    - CVE-2026-6477: Mark PQfn() as unsafe, and avoid using it within libpq (bsc#1265177).
    - CVE-2026-6478: Use timing-safe string comparisons in authentication code (bsc#1265178).
    - CVE-2026-6479: Prevent unbounded recursion while processing startup packets (bsc#1265179).
    - CVE-2026-6575: Detect faulty input when restoring attribute MCV statistics (bsc#1265180).
    - CVE-2026-6637: Prevent SQL injection and buffer overruns in contrib/spi (bsc#1265181).
    - CVE-2026-6638: Properly quote object names in logical replication origin checks (bsc#1265182).

    Non security issue:

    - Get rid of update-alternatives for openSUSE/SLE 16.0 and newer to support immutable systems and     transactional       updates (jsc#PED-14820).
    - /usr/bin/pg_config is missing after migrating away from update-alternatives (bsc#1263804).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 7185ecc9-4fb7-11f1-bc50-6cc21735f730 advisory.

    The PostgreSQL project reports:

              Missing authorization in PostgreSQL CREATE TYPE               allows an object creator to hijack other queries that use               search_path to find user-defined types, including               extension-defined types. That is to say, the victim will execute               arbitrary SQL functions of the attacker's choice.


              Integer wraparound in multiple PostgreSQL server               features allows an application input provider to cause the               server to undersize an allocation and write out-of-bounds. This               results in a segmentation fault.


              Externally-controlled format string in PostgreSQL timeofday()               function allows an attacker to retrieve portions of server               memory, via crafted timezone zones.


              Symlink following in               PostgreSQL pg_basebackup plain format and in pg_rewind allows an               origin superuser to overwrite local files, e.g.
              /var/lib/postgres/.bashrc, that hijack the operating system               account. It will remain the case that starting the server after               these commands implicitly trusts the origin superuser, due to               features like shared_preload_libraries. Hence, the attack has               practical implications only if one takes relevant action between               these commands and server start, like moving the files to a               different VM or snapshotting the VM.


              SQL injection in PostgreSQL               pg_createsubscriber allows an attacker with               pg_create_subscription rights to execute arbitrary SQL as a               superuser. The attack takes effect when pg_createsubscriber next               runs. Versions before PostgreSQL 17 are unaffected.


              PostgreSQL libpq lo_* functions let server superuser overwrite               client stack memory. Use of inherently dangerous function               PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(),               lo_read(), lo_lseek64(), and lo_tell64() functions allows the               server superuser to overwrite a client stack buffer with an               arbitrarily-large response. Like gets(), PQfn(...,               result_is_int=0, ...) stores arbitrary-length, server-determined               data into a buffer of unspecified size. Because both the               \lo_export command in psql and pg_dump call lo_read(), the               server superuser can overwrite pg_dump or psql stack memory.


              PostgreSQL discloses MD5-hashed passwords via covert timing               channel. Covert timing channel in comparison of MD5-hashed               password in PostgreSQL authentication allows an attacker to               recover user credentials sufficient to authenticate. This does               not affect scram-sha-256 passwords, the default in all supported               releases. However, current databases may have MD5-hashed               passwords originating in upgrades from PostgreSQL 13 or earlier.


              PostgreSQL SSL/GSS init causes denial of service, via               uncontrolled recursion. Uncontrolled recursion in PostgreSQL SSL               and GSS negotiation allows an attacker able to connect to a               PostgreSQL AF_UNIX socket to achieve sustained denial of               service. If SSL and GSS are both disabled, an attacker can do               the same via access to a PostgreSQL TCP socket.


              PostgreSQL pg_restore_attribute_stats accepts values that cause               query planning to read past end of stats array. Buffer over-read               in PostgreSQL function pg_restore_attribute_stats() accepts               array values of unmatched length, which causes query planning to               read past end of one array. This allows a table maintainer to               infer memory values past that array end. Versions before               PostgreSQL 18 are unaffected.


              PostgreSQL refint allows stack buffer overflow and SQL               injection. Stack buffer overflow in PostgreSQL module refint               allows an unprivileged database user to execute arbitrary code               as the operating system user running the database. A distinct               attack is possible if the application declares a user-controlled               column as a refint cascade primary key and facilitates               user-controlled updates to that column. In that case, a SQL               injection allows a primary key update value provider to execute               arbitrary SQL as the database user performing the primary key               update.


              PostgreSQL REFRESH PUBLICATION allows SQL injection via table               name. SQL injection in PostgreSQL logical replication ALTER               SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table               creator to execute arbitrary SQL with the subscription's               publication-side credentials. The attack takes effect at the               next REFRESH PUBLICATION. Versions before PostgreSQL 16 are               unaffected.


Tenable has extracted the preceding description block directly from the FreeBSD security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a     PostgreSQL AF_UNIX socket to achieve sustained denial of service. If SSL and GSS are both disabled, an     attacker can do the same via access to a PostgreSQL TCP socket. Versions before PostgreSQL 18.4, 17.10,     16.14, 15.18, and 14.23 are affected. (CVE-2026-6479)

Note that Nessus relies on the presence of the package as reported by the vendor.

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6270 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-6270-1                   security@debian.org     https://www.debian.org/security/                       Moritz Muehlenhoff     May 14, 2026                          https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : postgresql-17     CVE ID         : CVE-2026-6472 CVE-2026-6473 CVE-2026-6474 CVE-2026-6475                      CVE-2026-6476 CVE-2026-6477 CVE-2026-6478 CVE-2026-6479                      CVE-2026-6637 CVE-2026-6638

    Multiple security issues were discovered in PostgreSQL, which may result     in authorisation bypass, execution of arbitrary code, information     disclosure, privilege escalation, SQL injection or denial of service.

    For the stable distribution (trixie), these problems have been fixed in     version 17.10-0+deb13u1.

    We recommend that you upgrade your postgresql-17 packages.

    For the detailed security status of postgresql-17 please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/postgresql-17

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6269 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-6269-1                   security@debian.org     https://www.debian.org/security/                       Moritz Muehlenhoff     May 14, 2026                          https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : postgresql-15     CVE ID         : CVE-2026-6472 CVE-2026-6473 CVE-2026-6474 CVE-2026-6475                      CVE-2026-6477 CVE-2026-6478 CVE-2026-6479 CVE-2026-6637

    Multiple security issues were discovered in PostgreSQL, which may result     in authorisation bypass, execution of arbitrary code, information     disclosure, privilege escalation, SQL injection or denial of service.

    For the oldstable distribution (bookworm), these problems have been fixed     in version 15.18-0+deb12u1.

    We recommend that you upgrade your postgresql-15 packages.

    For the detailed security status of postgresql-15 please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/postgresql-15

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
318130	SUSE SLES12 Security Update : postgresql14 (SUSE-SU-2026:2086-1)	Nessus	SuSE Local Security Checks	high
318070	SUSE SLES15 Security Update : postgresql14 (SUSE-SU-2026:2117-1)	Nessus	SuSE Local Security Checks	high
317727	SUSE SLES12 Security Update : postgresql16 (SUSE-SU-2026:2084-1)	Nessus	SuSE Local Security Checks	high
317662	SUSE SLES12 Security Update : postgresql15 (SUSE-SU-2026:2085-1)	Nessus	SuSE Local Security Checks	high
316515	PostgreSQL 14.x < 14.23 / 15.x < 15.18 / 16.x < 16.14 / 17.x < 17.10 / 18.x < 18.4 Multiple Vulnerabilities	Nessus	Databases	high
316495	Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : PostgreSQL vulnerabilities (USN-8294-1)	Nessus	Ubuntu Local Security Checks	high
315292	SUSE SLES12 Security Update : postgresql18 (SUSE-SU-2026:1946-1)	Nessus	SuSE Local Security Checks	high
315289	SUSE SLED15 / SLES15 Security Update : postgresql17 (SUSE-SU-2026:1943-1)	Nessus	SuSE Local Security Checks	high
315271	SUSE SLES15 Security Update : postgresql18 (SUSE-SU-2026:1945-1)	Nessus	SuSE Local Security Checks	high
315268	SUSE SLES15 Security Update : postgresql16 (SUSE-SU-2026:1942-1)	Nessus	SuSE Local Security Checks	high
315255	SUSE SLED15 / SLES15 Security Update : postgresql18 (SUSE-SU-2026:1944-1)	Nessus	SuSE Local Security Checks	high
314914	FreeBSD : PostgreSQL -- Multiple vulnerabilities (7185ecc9-4fb7-11f1-bc50-6cc21735f730)	Nessus	FreeBSD Local Security Checks	high
314719	Linux Distros Unpatched Vulnerability : CVE-2026-6479	Nessus	Misc.	high
314703	Debian dsa-6270 : libecpg-compat3 - security update	Nessus	Debian Local Security Checks	high
314702	Debian dsa-6269 : libecpg-compat3 - security update	Nessus	Debian Local Security Checks	high

Detections

Analytics

CVE-2026-6479

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high