WeSearch

20 Year old pgcrypto CVE reported

·2 min read · 0 reactions · 0 comments · 20 views
#security#postgresql#vulnerabilities#cve#software
20 Year old pgcrypto CVE reported
TL;DR · WeSearch summary

Recent vulnerabilities in the pgcrypto extension of PostgreSQL have been disclosed, specifically CVE-2026-2005 and CVE-2026-2006. Both issues, which allow for remote code execution, have existed since the extension's inception in 2005. Users are urged to patch their systems promptly to mitigate these risks, especially given the wide vulnerability surface due to default permissions.

Key facts
Original article
Thebuild
Read full at Thebuild →
Opening excerpt (first ~120 words) tap to expand

2026-05-15 3 min PostgreSQL Two Decades, Two RCEs: What pgcrypto Has Been Doing Since 2005 On May 4, ZeroDay.Cloud published the technical writeups for CVE-2026-2005 and CVE-2026-2006. Both are remote code execution bugs in pgcrypto. Both have been in the tree since pgcrypto was first contributed in 2005. That’s the headline. It deserves a beat to land. CVE-2026-2005 is a 32-byte heap overflow in pgp_parse_pubenc_sesskey(). The code decrypts an RSA or ElGamal session-key payload from a PGP message and copies the result into a fixed-size buffer (ctx->sess_key, bounded at 32 bytes) with no bounds check at all. Hand the function a PGP message with a larger session key and you get arbitrary writes onto the backend heap. The path to RCE inside the database process is mechanical from there.

Excerpt limited to ~120 words for fair-use compliance. The full article is at Thebuild.

Anonymous · no account needed
Share 𝕏 Facebook Reddit LinkedIn Threads WhatsApp Bluesky Mastodon Email

Discussion

0 comments

More from Thebuild