PostgreSQL timeofday() can disclose portions of server memory_CVE-2026-6474

4.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Description

Externally-controlled format string in PostgreSQL timeofday() function allows an attacker to retrieve portions of server memory, via crafted timezone zones. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

Basic Information

ID CVE-2026-6474

Source PostgreSQL

Published May 14, 2026 at 13:00

Affected Product

Vendor n/a

Product PostgreSQL

Version 18

Affected Versions n/a PostgreSQL 18
n/a PostgreSQL 17
n/a PostgreSQL 16
n/a PostgreSQL 15
n/a PostgreSQL 0

CWE Classification

CWE-134

References

www.postgresql.org /support/security/CVE-2026-6474/

{
    "lastseen": "",
    "description": "Externally-controlled format string in PostgreSQL timeofday() function allows an attacker to retrieve portions of server memory, via crafted timezone zones.  Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.",
    "published": "2026-05-14T13:00:10.254Z",
    "modified": "2026-05-14T13:00:10.254Z",
    "type": "cve",
    "title": "PostgreSQL timeofday() can disclose portions of server memory",
    "source": "PostgreSQL",
    "references": "https://www.postgresql.org/support/security/CVE-2026-6474/",
    "id": "CVE-2026-6474",
    "bulletinFamily": "",
    "cwe": [
        "CWE-134"
    ],
    "cvelist": null,
    "sourceData": "n/a PostgreSQL 18\nn/a PostgreSQL 17\nn/a PostgreSQL 16\nn/a PostgreSQL 15\nn/a PostgreSQL 0",
    "sourceHref": "",
    "cvss": {
        "score": 4.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "PostgreSQL",
    "version": "18",
    "vendor": "n/a",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}