CVE-2026-6638

EUVD-2026-30290
SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL with the subscription's publication-side credentials.  The attack takes effect at the next REFRESH PUBLICATION.  Within major versions 16, 17, and 18, minor versions before PostgreSQL 18.4, 17.10, and 16.14 are affected.  Versions before PostgreSQL 16 are unaffected.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.7 LOW
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
Affected Products (NVD)
VendorProductVersion
postgresqlpostgresql
16.0 ≤
𝑥
< 16.14
postgresqlpostgresql
17.0 ≤
𝑥
< 17.10
postgresqlpostgresql
18.0 ≤
𝑥
< 18.4
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
postgresql-17
trixie
vulnerable
trixie (security)
17.10-0+deb13u1
fixed
postgresql-18
forky
18.4-1
fixed
sid
18.4-1
fixed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libecpg6
suse enterprise sap 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise server 12 SP3
17.10-3.27.1
fixed
suse enterprise server 12 SP5
18.4-8.12.1
fixed
suse enterprise server 15 SP4
18.4-150200.5.12.1
fixed
suse enterprise server 15 SP5
18.4-150200.5.12.1
fixed
suse enterprise server 15 SP6
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP7
18.4-150600.13.11.1
fixed
libecpg6-32bit
suse enterprise server 12 SP3
17.10-3.27.1
fixed
suse enterprise server 12 SP5
18.4-8.12.1
fixed
libpq5
suse enterprise desktop 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise sap 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise server 12 SP3
17.10-3.27.1
fixed
suse enterprise server 12 SP5
18.4-8.12.1
fixed
suse enterprise server 15 SP4
18.4-150200.5.12.1
fixed
suse enterprise server 15 SP5
18.4-150200.5.12.1
fixed
suse enterprise server 15 SP6
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP7
18.4-150600.13.11.1
fixed
libpq5-32bit
suse enterprise desktop 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise sap 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise server 12 SP3
17.10-3.27.1
fixed
suse enterprise server 12 SP5
18.4-8.12.1
fixed
suse enterprise server 15 SP4
18.4-150200.5.12.1
fixed
suse enterprise server 15 SP5
18.4-150200.5.12.1
fixed
suse enterprise server 15 SP6
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP7
18.4-150600.13.11.1
fixed
postgresql16
suse enterprise sap 15 SP7
16.14-150600.16.33.1
fixed
suse enterprise server 12 SP3
16.14-3.44.1
fixed
suse enterprise server 12 SP5
16.14-3.44.1
fixed
suse enterprise server 15 SP4
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP5
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP6
16.14-150600.16.33.1
fixed
suse enterprise server 15 SP7
16.14-150600.16.33.1
fixed
postgresql16-contrib
suse enterprise sap 15 SP7
16.14-150600.16.33.1
fixed
suse enterprise server 12 SP3
16.14-3.44.1
fixed
suse enterprise server 12 SP5
16.14-3.44.1
fixed
suse enterprise server 15 SP4
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP5
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP6
16.14-150600.16.33.1
fixed
suse enterprise server 15 SP7
16.14-150600.16.33.1
fixed
postgresql16-devel
suse enterprise sap 15 SP7
16.14-150600.16.33.1
fixed
suse enterprise server 12 SP3
16.14-3.44.1
fixed
suse enterprise server 12 SP5
16.14-3.44.1
fixed
suse enterprise server 15 SP4
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP5
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP6
16.14-150600.16.33.1
fixed
suse enterprise server 15 SP7
16.14-150600.16.33.1
fixed
postgresql16-docs
suse enterprise server 12 SP3
16.14-3.44.1
fixed
suse enterprise server 12 SP5
16.14-3.44.1
fixed
suse enterprise server 15 SP4
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP5
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP6
16.14-150600.16.33.1
fixed
postgresql16-plperl
suse enterprise server 12 SP3
16.14-3.44.1
fixed
suse enterprise server 12 SP5
16.14-3.44.1
fixed
suse enterprise server 15 SP4
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP5
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP6
16.14-150600.16.33.1
fixed
postgresql16-plpython
suse enterprise server 12 SP3
16.14-3.44.1
fixed
suse enterprise server 12 SP5
16.14-3.44.1
fixed
suse enterprise server 15 SP4
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP5
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP6
16.14-150600.16.33.1
fixed
postgresql16-pltcl
suse enterprise server 12 SP3
16.14-3.44.1
fixed
suse enterprise server 12 SP5
16.14-3.44.1
fixed
suse enterprise server 15 SP4
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP5
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP6
16.14-150600.16.33.1
fixed
postgresql16-server
suse enterprise sap 15 SP7
16.14-150600.16.33.1
fixed
suse enterprise server 12 SP3
16.14-3.44.1
fixed
suse enterprise server 12 SP5
16.14-3.44.1
fixed
suse enterprise server 15 SP4
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP5
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP6
16.14-150600.16.33.1
fixed
suse enterprise server 15 SP7
16.14-150600.16.33.1
fixed
postgresql16-server-devel
suse enterprise sap 15 SP7
16.14-150600.16.33.1
fixed
suse enterprise server 12 SP3
16.14-3.44.1
fixed
suse enterprise server 12 SP5
16.14-3.44.1
fixed
suse enterprise server 15 SP4
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP5
16.14-150200.5.44.1
fixed
suse enterprise server 15 SP6
16.14-150600.16.33.1
fixed
suse enterprise server 15 SP7
16.14-150600.16.33.1
fixed
postgresql17
suse enterprise desktop 15 SP7
17.10-150600.13.27.1
fixed
suse enterprise sap 15 SP7
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP5
17.10-150200.5.28.1
fixed
suse enterprise server 15 SP6
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP7
17.10-150600.13.27.1
fixed
postgresql17-contrib
suse enterprise sap 15 SP7
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP5
17.10-150200.5.28.1
fixed
suse enterprise server 15 SP6
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP7
17.10-150600.13.27.1
fixed
postgresql17-devel
suse enterprise sap 15 SP7
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP5
17.10-150200.5.28.1
fixed
suse enterprise server 15 SP6
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP7
17.10-150600.13.27.1
fixed
postgresql17-docs
suse enterprise sap 15 SP7
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP5
17.10-150200.5.28.1
fixed
suse enterprise server 15 SP6
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP7
17.10-150600.13.27.1
fixed
postgresql17-llvmjit
suse enterprise server 15 SP5
17.10-150200.5.28.1
fixed
postgresql17-llvmjit-devel
suse enterprise server 15 SP5
17.10-150200.5.28.1
fixed
postgresql17-plperl
suse enterprise sap 15 SP7
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP5
17.10-150200.5.28.1
fixed
suse enterprise server 15 SP6
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP7
17.10-150600.13.27.1
fixed
postgresql17-plpython
suse enterprise sap 15 SP7
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP5
17.10-150200.5.28.1
fixed
suse enterprise server 15 SP6
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP7
17.10-150600.13.27.1
fixed
postgresql17-pltcl
suse enterprise sap 15 SP7
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP5
17.10-150200.5.28.1
fixed
suse enterprise server 15 SP6
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP7
17.10-150600.13.27.1
fixed
postgresql17-server
suse enterprise sap 15 SP7
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP5
17.10-150200.5.28.1
fixed
suse enterprise server 15 SP6
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP7
17.10-150600.13.27.1
fixed
postgresql17-server-devel
suse enterprise sap 15 SP7
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP5
17.10-150200.5.28.1
fixed
suse enterprise server 15 SP6
17.10-150600.13.27.1
fixed
suse enterprise server 15 SP7
17.10-150600.13.27.1
fixed
postgresql18
suse enterprise desktop 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise sap 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP6
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP7
18.4-150600.13.11.1
fixed
postgresql18-contrib
suse enterprise sap 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP6
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP7
18.4-150600.13.11.1
fixed
postgresql18-devel
suse enterprise sap 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP6
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP7
18.4-150600.13.11.1
fixed
postgresql18-docs
suse enterprise sap 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP6
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP7
18.4-150600.13.11.1
fixed
postgresql18-plperl
suse enterprise sap 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP6
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP7
18.4-150600.13.11.1
fixed
postgresql18-plpython
suse enterprise sap 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP6
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP7
18.4-150600.13.11.1
fixed
postgresql18-pltcl
suse enterprise sap 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP6
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP7
18.4-150600.13.11.1
fixed
postgresql18-server
suse enterprise sap 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP6
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP7
18.4-150600.13.11.1
fixed
postgresql18-server-devel
suse enterprise sap 15 SP7
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP6
18.4-150600.13.11.1
fixed
suse enterprise server 15 SP7
18.4-150600.13.11.1
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
postgresql16
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-contrib
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-contrib-debuginfo
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-debuginfo
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-debugsource
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-docs
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-docs-debuginfo
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-llvmjit
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-llvmjit-debuginfo
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-plperl
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-plperl-debuginfo
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-plpython3
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-plpython3-debuginfo
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-pltcl
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-pltcl-debuginfo
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-private-devel
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-private-libs
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-private-libs-debuginfo
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-server
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-server-debuginfo
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-server-devel
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-server-devel-debuginfo
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-static
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-test
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-test-debuginfo
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-test-rpm-macros
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-upgrade
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-upgrade-debuginfo
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-upgrade-devel
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql16-upgrade-devel-debuginfo
Amazon Linux 2023
0:16.14-1.amzn2023.0.1
fixed
postgresql17
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-contrib
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-contrib-debuginfo
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-debuginfo
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-debugsource
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-docs
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-docs-debuginfo
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-llvmjit
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-llvmjit-debuginfo
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-plperl
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-plperl-debuginfo
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-plpython3
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-plpython3-debuginfo
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-pltcl
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-pltcl-debuginfo
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-private-devel
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-private-libs
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-private-libs-debuginfo
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-server
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-server-debuginfo
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-server-devel
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-server-devel-debuginfo
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-static
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-test
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-test-debuginfo
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-test-rpm-macros
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-upgrade
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-upgrade-debuginfo
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-upgrade-devel
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql17-upgrade-devel-debuginfo
Amazon Linux 2023
0:17.10-1.amzn2023.0.1
fixed
postgresql18
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-contrib
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-contrib-debuginfo
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-debuginfo
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-debugsource
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-docs
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-docs-debuginfo
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-llvmjit
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-llvmjit-debuginfo
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-plperl
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-plperl-debuginfo
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-plpython3
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-plpython3-debuginfo
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-pltcl
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-pltcl-debuginfo
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-private-devel
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-private-libs
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-private-libs-debuginfo
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-server
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-server-debuginfo
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-server-devel
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-server-devel-debuginfo
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-static
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-test
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-test-debuginfo
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-test-rpm-macros
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-upgrade
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-upgrade-debuginfo
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-upgrade-devel
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
postgresql18-upgrade-devel-debuginfo
Amazon Linux 2023
0:18.4-1.amzn2023.0.1
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
postgresql
Azure Linux 3.0
0:16.14-1.azl3
fixed