[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-32286":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":34,"duplicate_of":9,"upstream":37,"downstream":38,"duplicates":51,"related":54,"reserved_at":9,"published_at":63,"modified_at":64,"state":65,"summary":66,"references_raw":74,"kevs":117,"epss":118,"epss_history":121,"metrics":335,"affected":345},"CVE-2026-32286","The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-129","Improper Validation of Array Index","The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.","weakness","Draft","Variant","High",[20],{"id":21,"name":22,"techniques":23},"CAPEC-100","Overflow Buffers",[],[25],{"_key":26,"name":27,"source":28,"url":29,"maturity":30,"reliability_score":31,"verified":32,"type":9,"platforms":33,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_F10B515DB2A4EC92","Exploit Reference (securityinfinity.com)","reference","https://securityinfinity.com/research/memory-safety-vulnerabilities-in-go-postgresql-wire-protocol-parsers-pgproto3-pgx","unknown",0.2,false,[],[35,36],"GO-2026-4518","GHSA-jqcq-xjh3-6g23",[],[39,41,43,45,47,49],{"_key":40},"SUSE-SU-2026:1135-1",{"_key":42},"SUSE-SU-2026:1205-1",{"_key":44},"DEBIAN-CVE-2026-32286",{"_key":46},"UBUNTU-CVE-2026-32286",{"_key":48},"RHSA-2026:22450",{"_key":50},"RHSA-2026:22714",[52],{"_key":53},"CVE-2026-4427",[55,56,57,58,59,61],{"_key":40},{"_key":42},{"_key":48},{"_key":50},{"_key":60},"CGA-2GP2-5252-R938",{"_key":62},"CGA-722J-M72R-CCHJ","2026-03-26T19:40:51.974Z","2026-04-02T19:08:53.981Z","Analyzed",{"cisa_kev":32,"cisa_ransomware":32,"cisa_vendor":9,"epss_severity":67,"epss_score":68,"severity":69,"severity_score":70,"severity_version":71,"severity_source":72,"severity_vector":73,"severity_status":65},"low",0.00072,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[75,84,88,94,99,104,109,113],{"url":76,"sources":77,"tags":80},"https://github.com/jackc/pgx/issues/2507",[72,78,79],"osv_go","nvd",[81,82,83],"REPORT","WEB","Issue Tracking",{"url":85,"sources":86,"tags":87},"https://github.com/golang/vulndb/issues/4518",[72,78,79],[81,82,83],{"url":89,"sources":90,"tags":91},"https://pkg.go.dev/vuln/GO-2026-4518",[72,79,78],[82,92,93],"Patch","Third Party Advisory",{"url":95,"sources":96,"tags":97},"https://nvd.nist.gov/vuln/detail/CVE-2026-32286",[78],[98],"Advisory",{"url":100,"sources":101,"tags":102},"https://github.com/jackc/pgproto3",[78],[103],"PACKAGE",{"url":29,"sources":105,"tags":106},[78,72,79],[82,107,108,93],"Exploit","Mitigation",{"url":110,"sources":111,"tags":112},"https://bugzilla.redhat.com/show_bug.cgi?id=2448626",[78],[82],{"url":114,"sources":115,"tags":116},"https://github.com/advisories/GHSA-jqcq-xjh3-6g23",[72,79,78],[98,93],[],{"date":119,"score":68,"percentile":120},"2026-06-05",0.22019,[122,126,129,132,135,139,143,146,150,153,156,159,162,165,168,171,173,176,179,182,185,188,191,194,197,200,203,206,209,212,215,218,222,225,228,231,234,237,240,243,246,249,252,255,258,261,264,267,270,273,275,278,281,284,287,290,293,296,299,302,304,307,310,313,315,318,321,324,328,331,334],{"date":123,"score":124,"percentile":125},"2026-03-27",0.00017,0.03949,{"date":127,"score":124,"percentile":128},"2026-03-28",0.03953,{"date":130,"score":124,"percentile":131},"2026-03-29",0.03945,{"date":133,"score":124,"percentile":134},"2026-03-30",0.0393,{"date":136,"score":137,"percentile":138},"2026-03-31",0.00042,0.1263,{"date":140,"score":141,"percentile":142},"2026-04-01",0.00055,0.17119,{"date":144,"score":141,"percentile":145},"2026-04-02",0.17287,{"date":147,"score":148,"percentile":149},"2026-04-03",0.00058,0.18535,{"date":151,"score":148,"percentile":152},"2026-04-04",0.18563,{"date":154,"score":148,"percentile":155},"2026-04-05",0.18531,{"date":157,"score":148,"percentile":158},"2026-04-06",0.18281,{"date":160,"score":148,"percentile":161},"2026-04-07",0.18269,{"date":163,"score":148,"percentile":164},"2026-04-08",0.18352,{"date":166,"score":148,"percentile":167},"2026-04-09",0.18405,{"date":169,"score":148,"percentile":170},"2026-04-10",0.18415,{"date":172,"score":148,"percentile":167},"2026-04-11",{"date":174,"score":148,"percentile":175},"2026-04-12",0.18357,{"date":177,"score":148,"percentile":178},"2026-04-13",0.18306,{"date":180,"score":148,"percentile":181},"2026-04-14",0.18216,{"date":183,"score":148,"percentile":184},"2026-04-15",0.1826,{"date":186,"score":148,"percentile":187},"2026-04-16",0.18249,{"date":189,"score":148,"percentile":190},"2026-04-17",0.18252,{"date":192,"score":148,"percentile":193},"2026-04-18",0.18262,{"date":195,"score":148,"percentile":196},"2026-04-19",0.18208,{"date":198,"score":148,"percentile":199},"2026-04-20",0.18191,{"date":201,"score":148,"percentile":202},"2026-04-21",0.18287,{"date":204,"score":148,"percentile":205},"2026-04-22",0.18354,{"date":207,"score":148,"percentile":208},"2026-04-23",0.1837,{"date":210,"score":148,"percentile":211},"2026-04-24",0.18187,{"date":213,"score":148,"percentile":214},"2026-04-25",0.18198,{"date":216,"score":148,"percentile":217},"2026-04-26",0.18172,{"date":219,"score":220,"percentile":221},"2026-04-27",0.00064,0.1967,{"date":223,"score":220,"percentile":224},"2026-04-28",0.19633,{"date":226,"score":220,"percentile":227},"2026-04-29",0.1964,{"date":229,"score":220,"percentile":230},"2026-04-30",0.19605,{"date":232,"score":220,"percentile":233},"2026-05-01",0.19597,{"date":235,"score":220,"percentile":236},"2026-05-02",0.19628,{"date":238,"score":220,"percentile":239},"2026-05-03",0.196,{"date":241,"score":220,"percentile":242},"2026-05-04",0.19544,{"date":244,"score":220,"percentile":245},"2026-05-05",0.19535,{"date":247,"score":220,"percentile":248},"2026-05-06",0.19527,{"date":250,"score":220,"percentile":251},"2026-05-07",0.19617,{"date":253,"score":220,"percentile":254},"2026-05-08",0.19641,{"date":256,"score":220,"percentile":257},"2026-05-09",0.19702,{"date":259,"score":220,"percentile":260},"2026-05-10",0.1969,{"date":262,"score":220,"percentile":263},"2026-05-11",0.19664,{"date":265,"score":220,"percentile":266},"2026-05-12",0.19692,{"date":268,"score":220,"percentile":269},"2026-05-13",0.19738,{"date":271,"score":220,"percentile":272},"2026-05-14",0.19783,{"date":274,"score":220,"percentile":272},"2026-05-15",{"date":276,"score":220,"percentile":277},"2026-05-16",0.19799,{"date":279,"score":220,"percentile":280},"2026-05-17",0.19785,{"date":282,"score":220,"percentile":283},"2026-05-18",0.19743,{"date":285,"score":220,"percentile":286},"2026-05-19",0.19739,{"date":288,"score":220,"percentile":289},"2026-05-20",0.1975,{"date":291,"score":220,"percentile":292},"2026-05-21",0.19736,{"date":294,"score":220,"percentile":295},"2026-05-22",0.19831,{"date":297,"score":220,"percentile":298},"2026-05-23",0.19824,{"date":300,"score":220,"percentile":301},"2026-05-24",0.19766,{"date":303,"score":220,"percentile":286},"2026-05-25",{"date":305,"score":220,"percentile":306},"2026-05-26",0.19735,{"date":308,"score":220,"percentile":309},"2026-05-27",0.19815,{"date":311,"score":220,"percentile":312},"2026-05-28",0.19945,{"date":314,"score":220,"percentile":31},"2026-05-29",{"date":316,"score":220,"percentile":317},"2026-05-30",0.20004,{"date":319,"score":220,"percentile":320},"2026-05-31",0.19996,{"date":322,"score":220,"percentile":323},"2026-06-01",0.19979,{"date":325,"score":326,"percentile":327},"2026-06-02",0.00067,0.20753,{"date":329,"score":326,"percentile":330},"2026-06-03",0.20763,{"date":332,"score":68,"percentile":333},"2026-06-04",0.21938,{"date":119,"score":68,"percentile":120},[336,340,343],{"source":78,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":337,"cvss_v4_0":9},{"baseScore":70,"baseSeverity":9,"vectorString":73,"impactScore":338,"exploitabilityScore":339},6,10,{"source":72,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":341,"cvss_v4_0":9},{"baseScore":70,"baseSeverity":342,"vectorString":73,"impactScore":338,"exploitabilityScore":339},"HIGH",{"source":79,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":344,"cvss_v4_0":9},{"baseScore":70,"baseSeverity":342,"vectorString":73,"impactScore":338,"exploitabilityScore":339},[346,362],{"ecosystem":347,"name":348,"vendor":349,"product":350,"cpe_part":9,"purl_type":351,"purl_namespace":349,"purl_name":350,"source":9,"versions":352},"Go","github.com/jackc/pgproto3/v2","github.com/jackc/pgproto3","v2","golang",[353,360],{"version":354,"is_range":355,"range_type":356,"version_start":357,"version_start_type":358,"version_end":359,"version_end_type":358,"fixed_in":9},"gte2_0_0_lte2_3_3",true,"semver","2.0.0","including","2.3.3",{"version":361,"is_range":355,"range_type":356,"version_start":357,"version_start_type":358,"version_end":9,"version_end_type":9,"fixed_in":9},"gte2_0_0",{"ecosystem":9,"name":363,"vendor":364,"product":363,"cpe_part":365,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":366},"pgproto3","jackc","a",[367],{"version":368,"is_range":355,"range_type":369,"version_start":357,"version_start_type":358,"version_end":359,"version_end_type":358,"fixed_in":9},"gte2.0.0_lte2.3.3","cpe"]