JLSEC-2026-604

See a problem?
Please try reporting it to the source first.
Source
https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2026/JLSEC-2026-604.md
Import Source
https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-604.json
JSON Data
https://api.test.osv.dev/v1/vulns/JLSEC-2026-604
Upstream
  • CVE-2026-6477
Published
2026-06-08T13:54:13.679Z
Modified
2026-06-08T14:00:04.353316945Z
Summary
[none]
Details

Use of inherently dangerous function PQfn(..., resultisint=0, ...) in PostgreSQL libpq loexport(), loread(), lolseek64(), and lotell64() functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets(), PQfn(..., resultisint=0, ...) stores arbitrary-length, server-determined data into a buffer of unspecified size. Because both the \loexport command in psql and pgdump call loread(), the server superuser can overwrite pgdump or psql stack memory. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

Database specific 
{
    "sources": [
        {
            "modified": "2026-05-18T15:03:26.733Z",
            "published": "2026-05-14T14:16:25.347Z",
            "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6477",
            "database_specific": {
                "status": "Analyzed"
            },
            "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-6477",
            "id": "CVE-2026-6477",
            "imported": "2026-06-08T13:34:09.766Z"
        }
    ],
    "license": "CC-BY-4.0"
}
References

Affected packages

Julia / LibPQ_jll

Package

Name
LibPQ_jll
Purl
pkg:julia/LibPQ_jll?uuid=08be9ffa-1c94-5ee5-a977-46a84ec9b350

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
16.14.0+0

Database specific

source 
"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-604.json"