CVE-2026-6473 - Vulnerability Analysis
High | CVSS: 8.8 | Last Updated: May 14, 2026
PostgreSQL - Integer Overflow
Overview
PostgreSQL versions before 18.4, 17.10, 16.14, 15.18, and 14.23 contain an integer overflow in multiple server features that causes the server to undersize a memory allocation, letting unprivileged database users execute arbitrary code as the OS user. Exploitation requires unprivileged database access.
Severity & Score
Impact
Unprivileged users can execute arbitrary code as the database OS user, potentially leading to full system compromise.
Mitigation
Upgrade to version 18.4, 17.10, 16.14, 15.18, or 14.23 (matching the major branch in use) or later.
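To check a fleet against the fixed releases listed above, the following added example (not part of the advisory) classifies the output of `SHOW server_version_num`, `SHOW server_version` or `SELECT version()`. The host names and version strings are constructed sample data, and branches the advisory does not list are reported as "not-listed" rather than guessed.

```python
import re

# Fixed minor release per major branch, taken from the advisory text above.
FIXED_MINOR = {18: 4, 17: 10, 16: 14, 15: 18, 14: 23}


def parse_version(raw):
    """Return (major, minor) from server_version_num or a version string."""
    raw = raw.strip()
    if re.fullmatch(r"\d{5,6}", raw):
        # server_version_num on PostgreSQL 10+ is major * 10000 + minor.
        num = int(raw)
        return num // 10000, num % 10000
    # Handles "17.10 (Debian ...)" and "PostgreSQL 14.22 on x86_64-...".
    m = re.match(r"(?:PostgreSQL\s+)?(\d+)\.(\d+)", raw)
    if not m:
        raise ValueError(f"unrecognised version string: {raw!r}")
    return int(m.group(1)), int(m.group(2))


def classify(raw):
    """Return 'vulnerable', 'patched' or 'not-listed' for one server."""
    major, minor = parse_version(raw)
    fixed = FIXED_MINOR.get(major)
    if fixed is None:
        # The advisory names no fixed release for this branch; review manually.
        return "not-listed"
    return "patched" if minor >= fixed else "vulnerable"


def audit(inventory):
    """Map each host to its classification."""
    return {host: classify(ver) for host, ver in inventory.items()}


# Constructed sample inventory (hypothetical hosts and version strings).
SAMPLE = {
    "db-a": "160013",
    "db-b": "17.10 (Debian 17.10-1.pgdg120+1)",
    "db-c": "PostgreSQL 14.22 on x86_64-pc-linux-gnu",
    "db-d": "13.23",
    "db-e": "18.4",
}

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```
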
Social Media Activity (2 posts)
CVE-2026-6473 - High (8.8) Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the databa... https://www.thehackerwire.com/vulnerability/CVE-2026-6473/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Related Resources
Details
- CVE ID: CVE-2026-6473
- Severity: High
- CVSS Score: 8.8
- Type: integer_overflow
- Status: unconfirmed
- EPSS: 0.0%
- Social Posts: 2
CWE
- CWE-190
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H