RHSA-2026:19009
Advisory lineage Upstream: 5 Downstream: 0
Published: 20 May 2026, 10:09
Last modified:20 May 2026, 10:32
Vulnerability Summary
Overall Risk (default)
medium
35/100 CVSS Score
8.8 HIGH
3.1 (osv_red_hat)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
20 May 2026, 10:09
Published
Vulnerability first disclosed
20 May 2026, 10:32
Last Modified
Vulnerability information updated
Description
Red Hat Security Advisory: postgresql18 security update
CVSS Metrics
- v3.1•HIGH•Score: 8.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- redhat•postgresql18
< 0:18.3-1.el10_2
- redhat•postgresql18-contrib
< 0:18.3-1.el10_2
- redhat•postgresql18-contrib-debuginfo
< 0:18.3-1.el10_2
- redhat•postgresql18-debuginfo
< 0:18.3-1.el10_2
- redhat•postgresql18-debugsource
< 0:18.3-1.el10_2
- redhat•postgresql18-docs
< 0:18.3-1.el10_2
- redhat•postgresql18-docs-debuginfo
< 0:18.3-1.el10_2
- redhat•postgresql18-plperl
< 0:18.3-1.el10_2
- redhat•postgresql18-plperl-debuginfo
< 0:18.3-1.el10_2
- redhat•postgresql18-plpython3
< 0:18.3-1.el10_2
- redhat•postgresql18-plpython3-debuginfo
< 0:18.3-1.el10_2
- redhat•postgresql18-pltcl-debuginfo
< 0:18.3-1.el10_2
- redhat•postgresql18-private-devel
< 0:18.3-1.el10_2
- redhat•postgresql18-private-libs
< 0:18.3-1.el10_2
- redhat•postgresql18-private-libs-debuginfo
< 0:18.3-1.el10_2
- redhat•postgresql18-server
< 0:18.3-1.el10_2
- redhat•postgresql18-server-debuginfo
< 0:18.3-1.el10_2
- redhat•postgresql18-server-devel
< 0:18.3-1.el10_2
- redhat•postgresql18-server-devel-debuginfo
< 0:18.3-1.el10_2
- redhat•postgresql18-static
< 0:18.3-1.el10_2
- redhat•postgresql18-test
< 0:18.3-1.el10_2
- redhat•postgresql18-test-debuginfo
< 0:18.3-1.el10_2
- redhat•postgresql18-test-rpm-macros
< 0:18.3-1.el10_2
- redhat•postgresql18-upgrade
< 0:18.3-1.el10_2
- redhat•postgresql18-upgrade-debuginfo
< 0:18.3-1.el10_2
- redhat•postgresql18-upgrade-devel
< 0:18.3-1.el10_2
- redhat•postgresql18-upgrade-devel-debuginfo
< 0:18.3-1.el10_2
References (28)
- https://access.redhat.com/errata/RHSA-2026:19009
- https://access.redhat.com/security/updates/classification/#important
- https://bugzilla.redhat.com/show_bug.cgi?id=2439320
- https://bugzilla.redhat.com/show_bug.cgi?id=2439322
- https://bugzilla.redhat.com/show_bug.cgi?id=2439324
- https://bugzilla.redhat.com/show_bug.cgi?id=2439325
- https://bugzilla.redhat.com/show_bug.cgi?id=2439326
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_19009.json
- https://access.redhat.com/security/cve/CVE-2026-2003
- https://www.cve.org/CVERecord?id=CVE-2026-2003
- https://nvd.nist.gov/vuln/detail/CVE-2026-2003
- https://www.postgresql.org/support/security/CVE-2026-2003/
- https://access.redhat.com/security/cve/CVE-2026-2004
- https://www.cve.org/CVERecord?id=CVE-2026-2004
- https://nvd.nist.gov/vuln/detail/CVE-2026-2004
- https://www.postgresql.org/support/security/CVE-2026-2004/
- https://access.redhat.com/security/cve/CVE-2026-2005
- https://www.cve.org/CVERecord?id=CVE-2026-2005
- https://nvd.nist.gov/vuln/detail/CVE-2026-2005
- https://www.postgresql.org/support/security/CVE-2026-2005/
- https://access.redhat.com/security/cve/CVE-2026-2006
- https://www.cve.org/CVERecord?id=CVE-2026-2006
- https://nvd.nist.gov/vuln/detail/CVE-2026-2006
- https://www.postgresql.org/support/security/CVE-2026-2006/
- https://access.redhat.com/security/cve/CVE-2026-2007
- https://www.cve.org/CVERecord?id=CVE-2026-2007
- https://nvd.nist.gov/vuln/detail/CVE-2026-2007
- https://www.postgresql.org/support/security/CVE-2026-2007/