{"uuid": "f35005dd-03bd-46d6-9ce8-4ee59a50ac00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-2005", "type": "seen", "source": "https://bsky.app/profile/pgexperts.bsky.social/post/3mnku2s4kn62w", "content": "CVE-2026-2005: a heap buffer overflow in pgcrypto's pgp_parse_pubenc_sesskey() that sat in the source for roughly 20 years. CVSS 8.8. Fixed in PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 on May 14.\n\nIf you have not patched, patch.\n\nwww.postgresql.org/support/secu...\n\npgexperts.com", "creation_timestamp": "2026-06-05T19:17:08.912841Z"}