PostgreSQL 17.x/18.x SQLi in pg_createsubscriber (17.9/18.3)
CVE-2026-6476 Published on May 14, 2026

PostgreSQL pg_createsubscriber allows SQL injection via subscription name
SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pg_createsubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected. Versions before PostgreSQL 17 are unaffected.

NVD

Weakness Type

What is a SQL Injection Vulnerability?

The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

CVE-2026-6476 has been classified to as a SQL Injection vulnerability or weakness.

Products Associated with CVE-2026-6476

Want to know whenever a new CVE is published for PostgreSQL? stack.watch will email you.

PostgreSQL

PostgreSQL 17.x/18.x SQLi in pg_createsubscriber (17.9/18.3)CVE-2026-6476 Published on May 14, 2026

Weakness Type

What is a SQL Injection Vulnerability?

Products Associated with CVE-2026-6476

PostgreSQL 17.x/18.x SQLi in pg_createsubscriber (17.9/18.3)
CVE-2026-6476 Published on May 14, 2026