MGASA-2026-0041

Advisory lineage Upstream: 5 Downstream: 0
Published: 17 Feb 2026, 17:47
Last modified:16 Apr 2026, 04:19

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

17 Feb 2026, 17:47
Published
Vulnerability first disclosed
16 Apr 2026, 04:19
Last Modified
Vulnerability information updated

Description

Updated postgresql15 packages fix security vulnerabilities PostgreSQL oidvector discloses a few bytes of memory. (CVE-2026-2003) PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code. (CVE-2026-2004) PostgreSQL pgcrypto heap buffer overflow executes arbitrary code. (CVE-2026-2005) PostgreSQL missing validation of multibyte character length executes arbitrary code. (CVE-2026-2006) PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory. (CVE-2026-2007

Affected Systems

  • mageiapostgresql15

    < 15.16-1.mga9

References (3)