CVE-2026-2005 – PostgreSQL pgcrypto heap buffer overflow executes arbitrary code

CVE ID : CVE-2026-2005

Published : Feb. 12, 2026, 1 p.m. | 1 hour, 26 minutes ago

Description : Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…