Critical flaws affecting core components and extensions in PostgreSQL and MariaDB could allow remote code execution. The bugs, some over 20 years old, have now been patched.

CSO Online offers insights into cybersecurity, risk management, and IT leadership, providing articles, reports, and expert analysis to help security professionals navigate the evolving threat landscape and protect their organizations from cyber attacks. By exploring CSO Online's curated content, CISOs, security managers, and IT executives can learn about threat intelligence, security frameworks, and incident response strategies for building resilient cybersecurity programs. Whether you're defending against ransomware, phishing attacks, or insider threats, CSO Online offers resources to strengthen your security posture and safeguard your digital assets.

CSO Online

AI-powered security tool Xint Code, used at Wiz's zeroday.cloud hacking event, uncovered critical vulnerabilities in PostgreSQL and MariaDB. In PostgreSQL, a heap-based buffer overflow in the pgcrypto extension (CVE-2026-2005, CVSS 8.8) has existed since 2005, and a missing validation bug (CVE-2026-2006, CVSS ~9) was also found — both enabling remote code execution. In MariaDB, a buffer overflow in the JSON_SCHEMA_VALID() function (CVE-2026-32710, CVSS 9.9 per NIST) can be exploited by any authenticated SQL user. All flaws have been patched, and maintainers urge immediate upgrades. A Wiz analysis found 80% of cloud PostgreSQL environments affected, with 45% directly internet-exposed.

AI finds 20-year-old bugs in PostgreSQL and MariaDB

<p>That’s great for model perspective, however how many of the humans have tried to find the vulnerabilities in this database platforms.  Most of the users even using for decade never gone in the details fo this.</p>
<p>The bad side of hackers don’t want to report that as it’s where they can enter, though they are aware of that from long.</p>
