Aggregator

libssh2-1.11.1-6.fc44

1 week 2 days ago
FEDORA-2026-f87ac8187c
Packages in this update:
  • libssh2-1.11.1-6.fc44
Update description:

This update addresses CVE-2026-7598, a potential heap buffer overflow, which could be triggered remotely by supplying very long username and/or password strings.

USN-8296-1: Linux kernel (FIPS) vulnerabilities

1 week 2 days ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

  • ARM64 architecture
  • x86 architecture
  • Compute Acceleration Framework
  • Drivers core
  • Null block device driver
  • Ublk userspace block driver
  • Bluetooth drivers
  • Counter interface drivers
  • DMA engine subsystem
  • DPLL subsystem
  • GPU drivers
  • HID subsystem
  • Intel Trace Hub HW tracing drivers
  • IIO ADC drivers
  • IIO subsystem
  • On-Chip Interconnect management framework
  • IRQ chip drivers
  • Modular ISDN driver
  • LED subsystem
  • Multiple devices driver
  • UACCE accelerator framework
  • MMC subsystem
  • Ethernet bonding driver
  • Network drivers
  • Mellanox network drivers
  • NVME drivers
  • PHY drivers
  • x86 platform drivers
  • i.MX PM domains
  • SCSI subsystem
  • SLIMbus drivers
  • SPI subsystem
  • TCM subsystem
  • W1 Dallas's 1-wire bus driver
  • Xen hypervisor drivers
  • BTRFS file system
  • EFI Variable file system
  • exFAT file system
  • Ext4 file system
  • HFS+ file system
  • Network file system (NFS) client
  • Network file system (NFS) server daemon
  • NTFS3 file system
  • SMB network file system
  • Scheduler infrastructure
  • Netfilter
  • NFC subsystem
  • Tracing infrastructure
  • io_uring subsystem
  • BPF subsystem
  • Perf events
  • Floating proportions library
  • Memory management
  • Bluetooth subsystem
  • CAN network layer
  • Ceph Core library
  • Networking core
  • IPv4 networking
  • IPv6 networking
  • L2TP protocol
  • MAC80211 subsystem
  • NET/ROM layer
  • Network traffic control
  • SCTP protocol
  • TLS protocol
  • Unix domain sockets
  • VMware vSockets driver
  • Wireless networking
  • ALSA AC97 driver
  • Generic PCM loopback sound driver
  • Creative Sound Blaster X-Fi driver
  • AMD SoC Alsa drivers
  • Texas Instruments Audio (ASoC/HDA) drivers
  • USB sound devices
  • KVM subsystem

(CVE-2024-50004, CVE-2024-58096, CVE-2024-58097, CVE-2025-37926, 
CVE-2025-38201, CVE-2025-38591, CVE-2025-40039, CVE-2025-40082, CVE-2025-40149, CVE-2025-68351, CVE-2025-68358, CVE-2025-68365, CVE-2025-68725, CVE-2025-68749, CVE-2025-68803, CVE-2025-68823, CVE-2025-71160, CVE-2025-71162, CVE-2025-71163, CVE-2025-71180, CVE-2025-71182, CVE-2025-71183, CVE-2025-71184, CVE-2025-71185, CVE-2025-71186, CVE-2025-71188, CVE-2025-71189, CVE-2025-71190, CVE-2025-71191, CVE-2025-71192, CVE-2025-71193, CVE-2025-71194, CVE-2025-71195, CVE-2025-71196, CVE-2025-71197, CVE-2025-71198, CVE-2025-71199, CVE-2025-71200, CVE-2025-71220, CVE-2025-71222, CVE-2025-71224, CVE-2025-71225, CVE-2025-71268, CVE-2026-22976, CVE-2026-22977, CVE-2026-22978, CVE-2026-22979, CVE-2026-22980, CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991, CVE-2026-22992, CVE-2026-22994, CVE-2026-22996, CVE-2026-22997, CVE-2026-22998, CVE-2026-22999, CVE-2026-23000, CVE-2026-23001, CVE-2026-23003, CVE-2026-23005, CVE-2026-23006, CVE-2026-23010, CVE-2026-23011, CVE-2026-23019, CVE-2026-23020, CVE-2026-23021, CVE-2026-23025, CVE-2026-23026, CVE-2026-23030, CVE-2026-23031, CVE-2026-23032, CVE-2026-23033, CVE-2026-23035, CVE-2026-23037, CVE-2026-23038, CVE-2026-23047, CVE-2026-23049, CVE-2026-23050, CVE-2026-23053, CVE-2026-23054, CVE-2026-23056, CVE-2026-23057, CVE-2026-23058, CVE-2026-23059, CVE-2026-23061, CVE-2026-23062, CVE-2026-23063, CVE-2026-23064, CVE-2026-23065, CVE-2026-23068, CVE-2026-23069, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075, CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085, CVE-2026-23086, CVE-2026-23087, CVE-2026-23088, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091, CVE-2026-23093, CVE-2026-23094, CVE-2026-23095, CVE-2026-23096, CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101, CVE-2026-23102, CVE-2026-23103, CVE-2026-23105, CVE-2026-23107, CVE-2026-23108, CVE-2026-23110, CVE-2026-23113, CVE-2026-23116, CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23123, CVE-2026-23124, 
CVE-2026-23125, CVE-2026-23126, CVE-2026-23128, CVE-2026-23129, CVE-2026-23131, CVE-2026-23133, CVE-2026-23135, CVE-2026-23136, CVE-2026-23139, CVE-2026-23140, CVE-2026-23141, CVE-2026-23142, CVE-2026-23144, CVE-2026-23145, CVE-2026-23146, CVE-2026-23148, CVE-2026-23150, CVE-2026-23151, CVE-2026-23156, CVE-2026-23159, CVE-2026-23160, CVE-2026-23163, CVE-2026-23164, CVE-2026-23166, CVE-2026-23167, CVE-2026-23168, CVE-2026-23170, CVE-2026-23172, CVE-2026-23173, CVE-2026-23176, CVE-2026-23178, CVE-2026-23179, CVE-2026-23180, CVE-2026-23182, CVE-2026-23187, CVE-2026-23190, CVE-2026-23191, CVE-2026-23193, CVE-2026-23198, CVE-2026-23200, CVE-2026-23202, CVE-2026-23204, CVE-2026-23205, CVE-2026-23206, CVE-2026-23212, CVE-2026-23213, CVE-2026-23214, CVE-2026-23215, CVE-2026-23216, CVE-2026-23254, CVE-2026-23256, CVE-2026-23257, CVE-2026-23258, CVE-2026-23260, CVE-2026-23261, CVE-2026-23262, CVE-2026-23264, CVE-2026-23274, CVE-2026-23351, CVE-2026-23394)

USN-8295-1: Evince vulnerability

1 week 2 days ago
It was discovered that Evince did not properly sanitize command-line arguments in PDF /GoToR actions. If a user opened a specially crafted PDF file, an attacker could possibly use this issue to execute arbitrary code.

chromium-148.0.7778.178-1.el10_3

1 week 2 days ago
FEDORA-EPEL-2026-c0b39ff94f
Packages in this update:
  • chromium-148.0.7778.178-1.el10_3
Update description:

Update to 148.0.7778.178

  • CVE-2026-9111: Use after free in WebRTC
  • CVE-2026-9110: Inappropriate implementation in UI
  • CVE-2026-9112: Use after free in GPU
  • CVE-2026-9113: Out of bounds read in GPU
  • CVE-2026-9114: Use after free in QUIC
  • CVE-2026-9115: Insufficient policy enforcement in Service Worker
  • CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
  • CVE-2026-9117: Type Confusion in GFX
  • CVE-2026-9118: Use after free in XR
  • CVE-2026-9119: Heap buffer overflow in WebRTC
  • CVE-2026-9120: Use after free in WebRTC
  • CVE-2026-9126: Use after free in DOM
  • CVE-2026-9121: Out of bounds read in GPU
  • CVE-2026-9122: Out of bounds read in GPU
  • CVE-2026-9123: Heap buffer overflow in Chromecast
  • CVE-2026-9124: Insufficient validation of untrusted input in Input

chromium-148.0.7778.178-1.fc43

1 week 2 days ago
FEDORA-2026-b17799ac62
Packages in this update:
  • chromium-148.0.7778.178-1.fc43
Update description:

Update to 148.0.7778.178

  • CVE-2026-9111: Use after free in WebRTC
  • CVE-2026-9110: Inappropriate implementation in UI
  • CVE-2026-9112: Use after free in GPU
  • CVE-2026-9113: Out of bounds read in GPU
  • CVE-2026-9114: Use after free in QUIC
  • CVE-2026-9115: Insufficient policy enforcement in Service Worker
  • CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
  • CVE-2026-9117: Type Confusion in GFX
  • CVE-2026-9118: Use after free in XR
  • CVE-2026-9119: Heap buffer overflow in WebRTC
  • CVE-2026-9120: Use after free in WebRTC
  • CVE-2026-9126: Use after free in DOM
  • CVE-2026-9121: Out of bounds read in GPU
  • CVE-2026-9122: Out of bounds read in GPU
  • CVE-2026-9123: Heap buffer overflow in Chromecast
  • CVE-2026-9124: Insufficient validation of untrusted input in Input

Update to 148.0.7778.167

  • CVE-2026-8509: Heap buffer overflow in WebML
  • CVE-2026-8510: Integer overflow in Skia
  • CVE-2026-8511: Use after free in UI
  • CVE-2026-8512: Use after free in FileSystem
  • CVE-2026-8513: Use after free in Input
  • CVE-2026-8514: Use after free in Aura
  • CVE-2026-8515: Use after free in HID
  • CVE-2026-8516: Insufficient validation of untrusted input in DataTransfer
  • CVE-2026-8517: Object lifecycle issue in WebShare
  • CVE-2026-8518: Use after free in Blink
  • CVE-2026-8519: Integer overflow in ANGLE
  • CVE-2026-8520: Race in Payments
  • CVE-2026-8521: Use after free in Tab Groups
  • CVE-2026-8522: Use after free in Downloads
  • CVE-2026-8523: Use after free in Mojo
  • CVE-2026-8558: Out of bounds write in Fonts
  • CVE-2026-8524: Out of bounds write in WebAudio
  • CVE-2026-8525: Heap buffer overflow in ANGLE
  • CVE-2026-8526: Out of bounds write in WebRTC
  • CVE-2026-8527: Insufficient validation of untrusted input in Downloads
  • CVE-2026-8528: Insufficient validation of untrusted input in SiteIsolation
  • CVE-2026-8529: Heap buffer overflow in Codecs
  • CVE-2026-8530: Use after free in Network
  • CVE-2026-8531: Heap buffer overflow in WebML
  • CVE-2026-8532: Integer overflow in XML
  • CVE-2026-8533: Use after free in Accessibility
  • CVE-2026-8534: Integer overflow in GPU
  • CVE-2026-8535: Out of bounds read in Media
  • CVE-2026-8536: Insufficient validation of untrusted input in ReadingMode
  • CVE-2026-8537: Insufficient policy enforcement in ViewTransitions
  • CVE-2026-8538: Insufficient validation of untrusted input in GPU
  • CVE-2026-8539: Script injection in SanitizerAPI
  • CVE-2026-8540: Type Confusion in V8
  • CVE-2026-8541: Out of bounds read in UI
  • CVE-2026-8542: Use after free in Core
  • CVE-2026-8543: Out of bounds read in FileSystem
  • CVE-2026-8544: Use after free in Media
  • CVE-2026-8545: Object corruption in Compositing
  • CVE-2026-8546: Out of bounds read in GPU
  • CVE-2026-8547: Insufficient policy enforcement in Passwords
  • CVE-2026-8548: Out of bounds write in Media
  • CVE-2026-8549: Use after free in Media
  • CVE-2026-8550: Use after free in Google Lens
  • CVE-2026-8551: Use after free in Downloads
  • CVE-2026-8552: Heap buffer overflow in GPU
  • CVE-2026-8553: Use after free in GPU
  • CVE-2026-8554: Type Confusion in ANGLE
  • CVE-2026-8555: Use after free in GTK
  • CVE-2026-8556: Inappropriate implementation in ANGLE
  • CVE-2026-8557: Use after free in Accessibility
  • CVE-2026-8559: Integer overflow in Internationalization
  • CVE-2026-8560: Heap buffer overflow in SwiftShader
  • CVE-2026-8561: Incorrect security UI in Fullscreen
  • CVE-2026-8562: Side-channel information leakage in Navigation
  • CVE-2026-8563: Insufficient policy enforcement in IFrame Sandbox
  • CVE-2026-8564: Incorrect security UI in Downloads
  • CVE-2026-8565: Inappropriate implementation in Downloads
  • CVE-2026-8566: Insufficient policy enforcement in Payments
  • CVE-2026-8567: Integer overflow in ANGLE
  • CVE-2026-8568: Insufficient policy enforcement in AI
  • CVE-2026-8569: Out of bounds write in Codecs
  • CVE-2026-8570: Type Confusion in V8
  • CVE-2026-8571: Insufficient policy enforcement in GPU
  • CVE-2026-8572: Insufficient policy enforcement in Network
  • CVE-2026-8573: Integer overflow in Codecs
  • CVE-2026-8574: Use after free in Core
  • CVE-2026-8575: Use after free in UI
  • CVE-2026-8576: Inappropriate implementation in CORS
  • CVE-2026-8577: Integer overflow in Fonts
  • CVE-2026-8578: Out of bounds read in GPU
  • CVE-2026-8579: Insufficient validation of untrusted input in Skia
  • CVE-2026-8580: Use after free in Mojo
  • CVE-2026-8581: Use after free in GPU
  • CVE-2026-8582: Object lifecycle issue in Dawn
  • CVE-2026-8583: Insufficient policy enforcement in WebXR
  • CVE-2026-8584: Inappropriate implementation in Views
  • CVE-2026-8585: Inappropriate implementation in Media
  • CVE-2026-8586: Inappropriate implementation in Chromoting
  • CVE-2026-8587: Use after free in Extensions

chromium-148.0.7778.178-1.fc42

1 week 2 days ago
FEDORA-2026-e4f5923bae
Packages in this update:
  • chromium-148.0.7778.178-1.fc42
Update description:

Update to 148.0.7778.178

  • CVE-2026-9111: Use after free in WebRTC
  • CVE-2026-9110: Inappropriate implementation in UI
  • CVE-2026-9112: Use after free in GPU
  • CVE-2026-9113: Out of bounds read in GPU
  • CVE-2026-9114: Use after free in QUIC
  • CVE-2026-9115: Insufficient policy enforcement in Service Worker
  • CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
  • CVE-2026-9117: Type Confusion in GFX
  • CVE-2026-9118: Use after free in XR
  • CVE-2026-9119: Heap buffer overflow in WebRTC
  • CVE-2026-9120: Use after free in WebRTC
  • CVE-2026-9126: Use after free in DOM
  • CVE-2026-9121: Out of bounds read in GPU
  • CVE-2026-9122: Out of bounds read in GPU
  • CVE-2026-9123: Heap buffer overflow in Chromecast
  • CVE-2026-9124: Insufficient validation of untrusted input in Input

Update to 148.0.7778.167

  • CVE-2026-8509: Heap buffer overflow in WebML
  • CVE-2026-8510: Integer overflow in Skia
  • CVE-2026-8511: Use after free in UI
  • CVE-2026-8512: Use after free in FileSystem
  • CVE-2026-8513: Use after free in Input
  • CVE-2026-8514: Use after free in Aura
  • CVE-2026-8515: Use after free in HID
  • CVE-2026-8516: Insufficient validation of untrusted input in DataTransfer
  • CVE-2026-8517: Object lifecycle issue in WebShare
  • CVE-2026-8518: Use after free in Blink
  • CVE-2026-8519: Integer overflow in ANGLE
  • CVE-2026-8520: Race in Payments
  • CVE-2026-8521: Use after free in Tab Groups
  • CVE-2026-8522: Use after free in Downloads
  • CVE-2026-8523: Use after free in Mojo
  • CVE-2026-8558: Out of bounds write in Fonts
  • CVE-2026-8524: Out of bounds write in WebAudio
  • CVE-2026-8525: Heap buffer overflow in ANGLE
  • CVE-2026-8526: Out of bounds write in WebRTC
  • CVE-2026-8527: Insufficient validation of untrusted input in Downloads
  • CVE-2026-8528: Insufficient validation of untrusted input in SiteIsolation
  • CVE-2026-8529: Heap buffer overflow in Codecs
  • CVE-2026-8530: Use after free in Network
  • CVE-2026-8531: Heap buffer overflow in WebML
  • CVE-2026-8532: Integer overflow in XML
  • CVE-2026-8533: Use after free in Accessibility
  • CVE-2026-8534: Integer overflow in GPU
  • CVE-2026-8535: Out of bounds read in Media
  • CVE-2026-8536: Insufficient validation of untrusted input in ReadingMode
  • CVE-2026-8537: Insufficient policy enforcement in ViewTransitions
  • CVE-2026-8538: Insufficient validation of untrusted input in GPU
  • CVE-2026-8539: Script injection in SanitizerAPI
  • CVE-2026-8540: Type Confusion in V8
  • CVE-2026-8541: Out of bounds read in UI
  • CVE-2026-8542: Use after free in Core
  • CVE-2026-8543: Out of bounds read in FileSystem
  • CVE-2026-8544: Use after free in Media
  • CVE-2026-8545: Object corruption in Compositing
  • CVE-2026-8546: Out of bounds read in GPU
  • CVE-2026-8547: Insufficient policy enforcement in Passwords
  • CVE-2026-8548: Out of bounds write in Media
  • CVE-2026-8549: Use after free in Media
  • CVE-2026-8550: Use after free in Google Lens
  • CVE-2026-8551: Use after free in Downloads
  • CVE-2026-8552: Heap buffer overflow in GPU
  • CVE-2026-8553: Use after free in GPU
  • CVE-2026-8554: Type Confusion in ANGLE
  • CVE-2026-8555: Use after free in GTK
  • CVE-2026-8556: Inappropriate implementation in ANGLE
  • CVE-2026-8557: Use after free in Accessibility
  • CVE-2026-8559: Integer overflow in Internationalization
  • CVE-2026-8560: Heap buffer overflow in SwiftShader
  • CVE-2026-8561: Incorrect security UI in Fullscreen
  • CVE-2026-8562: Side-channel information leakage in Navigation
  • CVE-2026-8563: Insufficient policy enforcement in IFrame Sandbox
  • CVE-2026-8564: Incorrect security UI in Downloads
  • CVE-2026-8565: Inappropriate implementation in Downloads
  • CVE-2026-8566: Insufficient policy enforcement in Payments
  • CVE-2026-8567: Integer overflow in ANGLE
  • CVE-2026-8568: Insufficient policy enforcement in AI
  • CVE-2026-8569: Out of bounds write in Codecs
  • CVE-2026-8570: Type Confusion in V8
  • CVE-2026-8571: Insufficient policy enforcement in GPU
  • CVE-2026-8572: Insufficient policy enforcement in Network
  • CVE-2026-8573: Integer overflow in Codecs
  • CVE-2026-8574: Use after free in Core
  • CVE-2026-8575: Use after free in UI
  • CVE-2026-8576: Inappropriate implementation in CORS
  • CVE-2026-8577: Integer overflow in Fonts
  • CVE-2026-8578: Out of bounds read in GPU
  • CVE-2026-8579: Insufficient validation of untrusted input in Skia
  • CVE-2026-8580: Use after free in Mojo
  • CVE-2026-8581: Use after free in GPU
  • CVE-2026-8582: Object lifecycle issue in Dawn
  • CVE-2026-8583: Insufficient policy enforcement in WebXR
  • CVE-2026-8584: Inappropriate implementation in Views
  • CVE-2026-8585: Inappropriate implementation in Media
  • CVE-2026-8586: Inappropriate implementation in Chromoting
  • CVE-2026-8587: Use after free in Extensions

chromium-148.0.7778.178-1.el9

1 week 2 days ago
FEDORA-EPEL-2026-d1c74ffb1b
Packages in this update:
  • chromium-148.0.7778.178-1.el9
Update description:

Update to 148.0.7778.178

  • CVE-2026-9111: Use after free in WebRTC
  • CVE-2026-9110: Inappropriate implementation in UI
  • CVE-2026-9112: Use after free in GPU
  • CVE-2026-9113: Out of bounds read in GPU
  • CVE-2026-9114: Use after free in QUIC
  • CVE-2026-9115: Insufficient policy enforcement in Service Worker
  • CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
  • CVE-2026-9117: Type Confusion in GFX
  • CVE-2026-9118: Use after free in XR
  • CVE-2026-9119: Heap buffer overflow in WebRTC
  • CVE-2026-9120: Use after free in WebRTC
  • CVE-2026-9126: Use after free in DOM
  • CVE-2026-9121: Out of bounds read in GPU
  • CVE-2026-9122: Out of bounds read in GPU
  • CVE-2026-9123: Heap buffer overflow in Chromecast
  • CVE-2026-9124: Insufficient validation of untrusted input in Input

chromium-148.0.7778.178-1.el10_2

1 week 2 days ago
FEDORA-EPEL-2026-9a7f44de0a
Packages in this update:
  • chromium-148.0.7778.178-1.el10_2
Update description:

Update to 148.0.7778.178

  • CVE-2026-9111: Use after free in WebRTC
  • CVE-2026-9110: Inappropriate implementation in UI
  • CVE-2026-9112: Use after free in GPU
  • CVE-2026-9113: Out of bounds read in GPU
  • CVE-2026-9114: Use after free in QUIC
  • CVE-2026-9115: Insufficient policy enforcement in Service Worker
  • CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
  • CVE-2026-9117: Type Confusion in GFX
  • CVE-2026-9118: Use after free in XR
  • CVE-2026-9119: Heap buffer overflow in WebRTC
  • CVE-2026-9120: Use after free in WebRTC
  • CVE-2026-9126: Use after free in DOM
  • CVE-2026-9121: Out of bounds read in GPU
  • CVE-2026-9122: Out of bounds read in GPU
  • CVE-2026-9123: Heap buffer overflow in Chromecast
  • CVE-2026-9124: Insufficient validation of untrusted input in Input

chromium-148.0.7778.178-1.fc44

1 week 2 days ago
FEDORA-2026-c758d44a9a
Packages in this update:
  • chromium-148.0.7778.178-1.fc44
Update description:

Update to 148.0.7778.178

  • CVE-2026-9111: Use after free in WebRTC
  • CVE-2026-9110: Inappropriate implementation in UI
  • CVE-2026-9112: Use after free in GPU
  • CVE-2026-9113: Out of bounds read in GPU
  • CVE-2026-9114: Use after free in QUIC
  • CVE-2026-9115: Insufficient policy enforcement in Service Worker
  • CVE-2026-9116: Insufficient policy enforcement in ServiceWorker
  • CVE-2026-9117: Type Confusion in GFX
  • CVE-2026-9118: Use after free in XR
  • CVE-2026-9119: Heap buffer overflow in WebRTC
  • CVE-2026-9120: Use after free in WebRTC
  • CVE-2026-9126: Use after free in DOM
  • CVE-2026-9121: Out of bounds read in GPU
  • CVE-2026-9122: Out of bounds read in GPU
  • CVE-2026-9123: Heap buffer overflow in Chromecast
  • CVE-2026-9124: Insufficient validation of untrusted input in Input

USN-8294-1: PostgreSQL vulnerabilities

1 week 3 days ago
It was discovered that PostgreSQL did not correctly enforce authorization for CREATE TYPE. An attacker could possibly use this issue to execute arbitrary SQL functions. (CVE-2026-6472)

It was discovered that PostgreSQL incorrectly handled large user input in multiple server features. An attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2026-6473)

It was discovered that PostgreSQL incorrectly handled format strings in the timeofday() function. An attacker could possibly use this issue to obtain sensitive information. (CVE-2026-6474)

It was discovered that PostgreSQL incorrectly followed symbolic links in pg_basebackup and pg_rewind. An attacker could possibly use this issue to overwrite local files and execute arbitrary code. (CVE-2026-6475)

It was discovered that PostgreSQL had an SQL injection vulnerability in pg_createsubscriber. An attacker could possibly use this issue to execute arbitrary SQL as a superuser. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. (CVE-2026-6476)

It was discovered that PostgreSQL used an unsafe libpq function in large object operations. An attacker could possibly use this issue to overwrite client memory and execute arbitrary code. (CVE-2026-6477)

It was discovered that PostgreSQL did not compare MD5-hashed passwords in constant time. An attacker could possibly use this issue to obtain sensitive information. (CVE-2026-6478)

It was discovered that PostgreSQL had uncontrolled recursion during SSL and GSS negotiation. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-6479)

It was discovered that PostgreSQL incorrectly handled array length mismatches in pg_restore_attribute_stats(). An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 26.04 LTS. (CVE-2026-6575)

It was discovered that PostgreSQL had a stack buffer overflow in the refint module. An attacker could use this issue to cause PostgreSQL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-6637)

It was discovered that PostgreSQL had an SQL injection vulnerability in logical replication REFRESH PUBLICATION. An attacker could possibly use this issue to execute arbitrary SQL. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-6638)