Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: databases Clear
ID Title
CVE-2026-49090 Vulnerability in dos (CVE-2026-49090)
vulnerability in dos (CVE-2026-49090). Risk of unauthorized operations or information disclosure.
CVE-2026-56149 Vulnerability in dos (CVE-2026-56149)
vulnerability in dos (CVE-2026-56149). Risk of unauthorized operations or information disclosure.
CVE-2026-56148 Vulnerability in dos (CVE-2026-56148)
vulnerability in dos (CVE-2026-56148). Risk of unauthorized operations or information disclosure.
CVE-2026-47835 Vulnerability in CVE-2026-47835 (CVE-2026-47835)
vulnerability in CVE-2026-47835 (CVE-2026-47835). Confidential information can be exposed externally.
CVE-2026-48165 OS Command Injection in mariadb (CVE-2026-48165)
OS command injection in mariadb (CVE-2026-48165). Successful exploitation can lead to full system takeover.
CVE-2026-48163 OS Command Injection in mariadb (CVE-2026-48163)
OS command injection in mariadb (CVE-2026-48163). Successful exploitation can lead to full system takeover.
CVE-2026-44172 SQL Injection in mariadb (CVE-2026-44172)
SQL injection in mariadb (CVE-2026-44172). Successful exploitation can lead to full system takeover.
CVE-2026-44173 Authorization Flaw in mariadb (CVE-2026-44173)
vulnerability in mariadb (CVE-2026-44173). Risk of unauthorized operations or information disclosure.
CVE-2026-44168 OS Command Injection in mariadb (CVE-2026-44168)
OS command injection in mariadb (CVE-2026-44168). Successful exploitation can lead to full system takeover.
CVE-2026-44169 Authorization Flaw in mariadb (CVE-2026-44169)
vulnerability in mariadb (CVE-2026-44169). Risk of unauthorized operations or information disclosure.
CVE-2026-44170 OS Command Injection in mariadb (CVE-2026-44170)
OS command injection in mariadb (CVE-2026-44170). Successful exploitation can lead to full system takeover.
CVE-2026-44171 Path Traversal in mariadb (CVE-2026-44171)
path traversal in mariadb (CVE-2026-44171). Successful exploitation can lead to full system takeover.
CVE-2026-11933 A use-after-free vulnerability exists in MongoDB Server's server-side JavaScript engine when...
A use-after-free vulnerability exists in MongoDB Server's server-side JavaScript engine when...
CVE-2026-49261 OS Command Injection in mariadb (CVE-2026-49261)
OS command injection in mariadb (CVE-2026-49261). Successful exploitation can lead to full system takeover. Exploitable via ``wsrep_notify_cmd``. Mitigation: upgrade to `10.6.27` or later.
CVE-2026-9754 Vulnerability in mongodb (CVE-2026-9754)
vulnerability in mongodb (CVE-2026-9754). Confidential information can be exposed externally.
CVE-2026-9753 Vulnerability in mongodb (CVE-2026-9753)
vulnerability in mongodb (CVE-2026-9753). Confidential information can be exposed externally.
CVE-2026-9749 Vulnerability in mongodb (CVE-2026-9749)
vulnerability in mongodb (CVE-2026-9749). Risk of unauthorized operations or information disclosure.
CVE-2026-9747 Vulnerability in mongodb (CVE-2026-9747)
vulnerability in mongodb (CVE-2026-9747). Risk of unauthorized operations or information disclosure.
CVE-2026-9741 Vulnerability in mongodb (CVE-2026-9741)
vulnerability in mongodb (CVE-2026-9741). Confidential information can be exposed externally.
CVE-2026-9750 Vulnerability in mongodb (CVE-2026-9750)
vulnerability in mongodb (CVE-2026-9750). Risk of unauthorized operations or information disclosure.
CVE-2026-9752 Vulnerability in mongodb (CVE-2026-9752)
vulnerability in mongodb (CVE-2026-9752). Risk of unauthorized operations or information disclosure.
CVE-2026-9748 Vulnerability in mongodb (CVE-2026-9748)
vulnerability in mongodb (CVE-2026-9748). Risk of unauthorized operations or information disclosure.
CVE-2026-9751 Vulnerability in mongodb (CVE-2026-9751)
vulnerability in mongodb (CVE-2026-9751). Confidential information can be exposed externally. Mitigation: upgrade to `7.0.35, 8.0.24, 8.2.10, 8.3.3` or later.
CVE-2026-9742 Vulnerability in mongodb (CVE-2026-9742)
vulnerability in mongodb (CVE-2026-9742). Risk of unauthorized operations or information disclosure.
CVE-2026-9746 Vulnerability in mongodb (CVE-2026-9746)
vulnerability in mongodb (CVE-2026-9746). Risk of unauthorized operations or information disclosure.
CVE-2026-9740 Vulnerability in mongodb (CVE-2026-9740)
vulnerability in mongodb (CVE-2026-9740). Risk of unauthorized operations or information disclosure.
CVE-2026-9735 Vulnerability in mongodb (CVE-2026-9735)
vulnerability in mongodb (CVE-2026-9735). Confidential information can be exposed externally.
CVE-2026-9743 Vulnerability in dos (CVE-2026-9743)
vulnerability in dos (CVE-2026-9743). Risk of unauthorized operations or information disclosure.
CVE-2026-11824 SQLite before 3.53.2 Heap Buffer Overflow via FTS5 fts5ChunkIterate
SQLite before 3.53.2 Heap Buffer Overflow via FTS5 fts5ChunkIterate
CVE-2026-11822 SQLite before 3.53.2 Memory Corruption in FTS5 Extension
SQLite before 3.53.2 Memory Corruption in FTS5 Extension
CVE-2026-11400 CVE-2026-11400 and CVE-2026-11401
Bulletin ID: 2026-039-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/025/2026 12:15 PM PDT Description: Amazon Aurora PostgreSQL a fully managed relational database engine that's compatible with PostgreSQL. We identified CVE-2026-11400(JDBC) and CVE-2026-11401(Go), an issue in AWS Wrappers for Amazon Aurora PostgreSQL will allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users. Impacted versions: - AWS Advanced JDBC Wrapper >=3.0.0 and < 4.0.1 - AWS Advanced Go Wrapper release 2026-04-06 Please refer to the article below for the most up-to-date and complete information related to this AWS Security Bulletin.
CVE-2026-47784 Vulnerability in memcached (CVE-2026-47784)
vulnerability in memcached (CVE-2026-47784). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.6.42` or later.
CVE-2026-47783 Vulnerability in memcached (CVE-2026-47783)
vulnerability in memcached (CVE-2026-47783). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.6.42` or later.
CVE-2026-6638 SQL Injection in postgresql (CVE-2026-6638)
SQL injection in postgresql (CVE-2026-6638). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `16.14.0, 17.10.0, 18.4.0` or later.
CVE-2026-6476 SQL Injection in postgresql (CVE-2026-6476)
SQL injection in postgresql (CVE-2026-6476). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `17.10.0, 18.4.0` or later.
CVE-2026-6472 Vulnerability in postgresql (CVE-2026-6472)
vulnerability in postgresql (CVE-2026-6472). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.23.0, 15.18.0, 16.14.0, 17.10.0, 18.4.0` or later.
CVE-2026-6473 Vulnerability in postgresql (CVE-2026-6473)
vulnerability in postgresql (CVE-2026-6473). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `14.23.0, 15.18.0, 16.14.0, 17.10.0, 18.4.0` or later.
CVE-2026-6479 Vulnerability in postgresql (CVE-2026-6479)
vulnerability in postgresql (CVE-2026-6479). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.23.0, 15.18.0, 16.14.0, 17.10.0, 18.4.0` or later.
CVE-2026-6478 Vulnerability in postgresql (CVE-2026-6478)
vulnerability in postgresql (CVE-2026-6478). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.23.0, 15.18.0, 16.14.0, 17.10.0, 18.4.0` or later.
CVE-2026-6474 Vulnerability in postgresql (CVE-2026-6474)
vulnerability in postgresql (CVE-2026-6474). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.23.0, 15.18.0, 16.14.0, 17.10.0, 18.4.0` or later.
CVE-2026-6475 Vulnerability in postgresql (CVE-2026-6475)
vulnerability in postgresql (CVE-2026-6475). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `14.23.0, 15.18.0, 16.14.0, 17.10.0, 18.4.0` or later.
CVE-2026-6477 Vulnerability in postgresql (CVE-2026-6477)
vulnerability in postgresql (CVE-2026-6477). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `14.23.0, 15.18.0, 16.14.0, 17.10.0, 18.4.0` or later.
CVE-2026-6575 Vulnerability in postgresql (CVE-2026-6575)
vulnerability in postgresql (CVE-2026-6575). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.4.0` or later.
CVE-2026-6637 SQL Injection in postgresql (CVE-2026-6637)
SQL injection in postgresql (CVE-2026-6637). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `14.23.0, 15.18.0, 16.14.0, 17.10.0, 18.4.0` or later.
CVE-2026-46446 SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored,...
SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored,...
CVE-2026-46445 SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection.
SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection.
CVE-2026-8336 Use-After-Free in mongodb (CVE-2026-8336)
vulnerability in mongodb (CVE-2026-8336). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.2.9, 8.3.2` or later.
CVE-2026-8202 Vulnerability in mongodb (CVE-2026-8202)
vulnerability in mongodb (CVE-2026-8202). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.0.34, 8.0.23, 8.2.9, 8.3.2` or later.
CVE-2026-8053 Out-of-Bounds Write in mongodb (CVE-2026-8053)
out-of-bounds write in mongodb (CVE-2026-8053). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.0.33, 6.0.28, 7.0.34, 8.0.23, 8.2.9, 8.3.2` or later.
CVE-2026-8200 Vulnerability in mongodb (CVE-2026-8200)
vulnerability in mongodb (CVE-2026-8200). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.0.34, 8.0.23, 8.2.9, 8.3.2` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →