vulnerability

Oracle Linux: CVE-2026-2003: ELSA-2026-4110: postgresql:16 security update (IMPORTANT)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:P/I:N/A:N)	Feb 12, 2026	Mar 12, 2026	Mar 25, 2026

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

Feb 12, 2026

Added

Mar 12, 2026

Modified

Mar 25, 2026

Description

Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected.

Solutions

oracle-linux-upgrade-pgauditoracle-linux-upgrade-pg-repackoracle-linux-upgrade-pgvectororacle-linux-upgrade-postgisoracle-linux-upgrade-postgis-clientoracle-linux-upgrade-postgis-docsoracle-linux-upgrade-postgis-upgradeoracle-linux-upgrade-postgis-utilsoracle-linux-upgrade-postgres-decoderbufsoracle-linux-upgrade-postgresqloracle-linux-upgrade-postgresql-contriboracle-linux-upgrade-postgresql-docsoracle-linux-upgrade-postgresql-plperloracle-linux-upgrade-postgresql-plpython3oracle-linux-upgrade-postgresql-pltcloracle-linux-upgrade-postgresql-private-develoracle-linux-upgrade-postgresql-private-libsoracle-linux-upgrade-postgresql-serveroracle-linux-upgrade-postgresql-server-develoracle-linux-upgrade-postgresql-staticoracle-linux-upgrade-postgresql-testoracle-linux-upgrade-postgresql-test-rpm-macrosoracle-linux-upgrade-postgresql-upgradeoracle-linux-upgrade-postgresql-upgrade-devel

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today