CVE-2026-6475 - Vulnerability Analysis
Severity: High | CVSS: 8.8 | Last Updated: May 14, 2026
PostgreSQL - Broken Access Control
Overview
PostgreSQL before 18.4, 17.10, 16.14, 15.18 and 14.23 contains a symlink-following vulnerability in pg_basebackup plain format and in pg_rewind. A superuser on the origin server can cause the client to overwrite local files on the host running the command, which lets the origin superuser hijack that operating system account. Exploitation requires action between running those commands and starting the server.
Severity & Score
High (CVSS 3.1 base score 8.8)
Impact
An origin superuser can overwrite local files on the host that runs pg_basebackup (plain format) or pg_rewind, potentially hijacking the operating system account before the server is started.
Mitigation
Upgrade to PostgreSQL 18.4, 17.10, 16.14, 15.18 or 14.23, or a later release in the same branch.
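The following is an added example, not PostgreSQL code and not from the advisory above, illustrating the failure mode the Overview and Impact sections describe: a backup or rewind client writes files into a data directory that an attacker was able to seed with symlinks, so the write lands outside the directory. It contrasts a naive writer with a hardened one (containment check plus O_NOFOLLOW) and adds a small audit that lists symlinks under a data directory that resolve outside it, which is the kind of check an operator can run between the pg_basebackup/pg_rewind step and server start. All paths, file names and the planted links are constructed for the demo.

```python
"""Constructed demo of symlink following in a directory writer.
Not PostgreSQL code; every path and file name here is made up."""
import os
import tempfile


def naive_write(base, relpath, data):
    """Vulnerable pattern: join and open. If the tree already holds a
    symlink at relpath (or at one of its parent directories), the write
    lands wherever the link points."""
    path = os.path.join(base, relpath)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as f:
        f.write(data)
    return path


def safe_write(base, relpath, data):
    """Hardened pattern: refuse parents that resolve outside base, then
    open the leaf with O_NOFOLLOW so a symlink there is an error."""
    base_real = os.path.realpath(base)
    path = os.path.join(base, relpath)
    parent_real = os.path.realpath(os.path.dirname(path))
    if os.path.commonpath([base_real, parent_real]) != base_real:
        raise PermissionError(f"{relpath}: parent directory escapes {base}")
    os.makedirs(parent_real, exist_ok=True)
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW
    try:
        fd = os.open(path, flags, 0o600)
    except OSError as exc:
        # ELOOP on Linux, EMLINK on the BSDs, when the leaf is a symlink
        raise PermissionError(f"{relpath}: refusing to follow a symlink") from exc
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path


def find_escaping_symlinks(base):
    """Audit helper: every symlink under base whose target resolves outside
    base, as (relative link path, raw link target) pairs."""
    base_real = os.path.realpath(base)
    hits = []
    for root, dirs, files in os.walk(base):  # does not descend into symlinked dirs
        for name in dirs + files:
            p = os.path.join(root, name)
            if os.path.islink(p):
                target = os.path.realpath(p)
                if os.path.commonpath([base_real, target]) != base_real:
                    hits.append((os.path.relpath(p, base), os.readlink(p)))
    return sorted(hits)


def demo():
    """Plant two symlinks in a fake data directory (constructed), then run
    both writers and the audit, and report what happened."""
    with tempfile.TemporaryDirectory() as tmp:
        home = os.path.join(tmp, "home")
        os.makedirs(home)
        bashrc = os.path.join(home, ".bashrc")
        with open(bashrc, "w") as f:
            f.write("# original\n")
        data_dir = os.path.join(tmp, "pgdata")
        os.makedirs(data_dir)
        # Constructed: a file symlink and a directory symlink, both pointing
        # into the OS account's home, left in the tree before the write phase.
        os.symlink(bashrc, os.path.join(data_dir, "planted_file"))
        os.symlink(home, os.path.join(data_dir, "planted_dir"))

        naive_write(data_dir, "planted_file", b"echo pwned\n")
        with open(bashrc) as f:
            after_naive = f.read()

        blocked = []
        for rel in ("planted_file", "planted_dir/.profile"):
            try:
                safe_write(data_dir, rel, b"echo pwned\n")
            except PermissionError:
                blocked.append(rel)

        return {
            "naive_overwrote_bashrc": after_naive == "echo pwned\n",
            "safe_blocked": blocked,
            "audit": [link for link, _ in find_escaping_symlinks(data_dir)],
            "profile_exists": os.path.exists(os.path.join(home, ".profile")),
        }


if __name__ == "__main__":
    print(demo())
```

Two caveats for real use: a PostgreSQL data directory can legitimately contain symlinks (pg_wal when created with --waldir, and the entries under pg_tblspc), so the audit is a list for human review, not something to delete from automatically; and the parent-containment check in safe_write is not atomic against a local attacker who can swap directory components between the check and the open, so a fully race-free writer would walk the path component by component with dir_fd-relative opens and O_NOFOLLOW at each step.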
Social Media Activity (2 posts)
CVE-2026-6475 - High (8.8) Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case that starting the s... https://www.thehackerwire.com/vulnerability/CVE-2026-6475/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Details
- CVE ID: CVE-2026-6475
- Severity: High
- CVSS Score: 8.8
- Type: broken_access_control
- Status: unconfirmed
- EPSS: 0.0%
- Social Posts: 2
CWE
- CWE-61 (UNIX Symbolic Link (Symlink) Following)
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Read against the description, PR:N is scored from the point of view of the host running the client: the attacker needs superuser on the origin server but no privilege on the machine whose files are overwritten, and UI:R reflects that an operator must run pg_basebackup or pg_rewind against that origin.