← Back to News Browse all tags

database

56 articles with this tag

Drupal: Critical SQL injection flaw now targeted in attacks

BleepingComputer • May 22, 2026

[NEU] [mittel] IBM DB2: Mehrere Schwachstellen

BSI Germany • May 22, 2026

Unpatched ChromaDB flaw leaves servers open to remote code execution

CSO Online • May 21, 2026

[UPDATE] [hoch] Oracle MySQL: Mehrere Schwachstellen

BSI Germany • May 20, 2026

Max-severity flaw in ChromaDB for AI apps allows server hijacking

BleepingComputer • May 19, 2026

RHSA-2026:19010: Important: postgresql16 security update

Red Hat Errata • May 19, 2026

RHSA-2026:19009: Important: postgresql18 security update

Red Hat Errata • May 19, 2026

[NEU] [mittel] MongoDB: Schwachstelle ermöglicht Denial of Service

BSI Germany • May 19, 2026

RCE and arbitrary file write in Vitess vtbackup via untrusted MANIFEST fields

Reddit r/netsec • May 19, 2026

[UPDATE] [hoch] IBM DB2: Mehrere Schwachstellen

BSI Germany • May 19, 2026

CVE-2026-6479 PostgreSQL SSL/GSS init causes denial of service, via uncontrolled recursion

Microsoft Security Response Center • May 16, 2026

CVE-2026-6472 PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege

Microsoft Security Response Center • May 16, 2026

CVE-2026-6474 PostgreSQL timeofday() can disclose portions of server memory

Microsoft Security Response Center • May 16, 2026

CVE-2026-6475 PostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser choice

Microsoft Security Response Center • May 16, 2026

CVE-2026-6477 PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory

Microsoft Security Response Center • May 16, 2026

CVE-2026-6637 PostgreSQL refint allows stack buffer overflow and SQL injection

Microsoft Security Response Center • May 16, 2026

CVE-2026-6638 PostgreSQL REFRESH PUBLICATION allows SQL injection via table name

Microsoft Security Response Center • May 16, 2026

CVE-2026-6473 PostgreSQL server undersizes allocations, via integer wraparound

Microsoft Security Response Center • May 16, 2026

CVE-2026-6478 PostgreSQL discloses MD5-hashed passwords via covert timing channel

Microsoft Security Response Center • May 16, 2026

Multiples vulnérabilités dans PostgreSQL (15 mai 2026)

CERT-FR (ANSSI) • May 15, 2026

DSA-6269-1 postgresql-15 - security update

Debian Security • May 14, 2026

DSA-6270-1 postgresql-17 - security update

Debian Security • May 14, 2026

Our billing pipeline was suddenly slow. The culprit was a hidden bottleneck in ClickHouse

Cloudflare Blog • May 14, 2026

[NEU] [hoch] MongoDB: Mehrere Schwachstellen

BSI Germany • May 13, 2026

CVE-2026-6666 PgBouncer crash in kill_pool_logins_server_error

Microsoft Security Response Center • May 10, 2026

CVE-2026-6667 PgBouncer missing authorization check in KILL_CLIENT admin command

Microsoft Security Response Center • May 10, 2026

CVE-2026-6665 PgBouncer buffer overflow in SCRAM

Microsoft Security Response Center • May 10, 2026

CVE-2026-6664 PgBouncer integer overflow in PgBouncer network packet parsing

Microsoft Security Response Center • May 10, 2026

CVE-2026-41889 pgx: SQL Injection via placeholder confusion with dollar quoted string literals

Microsoft Security Response Center • May 10, 2026

[NEU] [mittel] MongoDB: Mehrere Schwachstellen

BSI Germany • Apr 30, 2026

[UPDATE] [hoch] MongoDB: Schwachstelle ermöglicht Codeausführung und DoS

BSI Germany • Apr 28, 2026

[UPDATE] [mittel] IBM DB2: Mehrere Schwachstellen ermöglichen Denial of Service

BSI Germany • Apr 28, 2026

[UPDATE] [hoch] IBM DB2: Mehrere Schwachstellen

BSI Germany • Apr 28, 2026

[UPDATE] [mittel] IBM DB2: Mehrere Schwachstellen

BSI Germany • Apr 28, 2026

[UPDATE] [mittel] IBM DB2: Mehrere Schwachstellen

BSI Germany • Apr 28, 2026

[UPDATE] [mittel] Apache Cassandra (Netty): Schwachstelle ermöglicht Denial of Service

BSI Germany • Apr 28, 2026

[UPDATE] [hoch] IBM DB2: Mehrere Schwachstellen

BSI Germany • Apr 28, 2026

Unsecured database exposes Three Trees customer, delivery driver data

SC Media • Apr 23, 2026

NIST admits defeat on NVD backlog, will enrich only highest-risk CVEs going forward

Help Net Security • Apr 16, 2026

[NEU] [mittel] IBM DB2: Mehrere Schwachstellen ermöglichen Denial of Service

BSI Germany • Apr 16, 2026

Multiples vulnérabilités dans Mitel MiCollab (09 avril 2026)

CERT-FR (ANSSI) • Apr 09, 2026

[NEU] [mittel] MariaDB: Schwachstelle ermöglicht Denial of Service

BSI Germany • Apr 07, 2026

[UPDATE] [hoch] Oracle MySQL: Mehrere Schwachstellen

BSI Germany • Apr 07, 2026

[UPDATE] [mittel] MariaDB: Mehrere Schwachstellen ermöglichen Denial of Service

BSI Germany • Apr 07, 2026

[UPDATE] [hoch] Oracle MySQL: Mehrere Schwachstellen

BSI Germany • Apr 07, 2026

Vulnérabilité dans VMware Tanzu pour Postgres (24 mars 2026)

CERT-FR (ANSSI) • Mar 24, 2026

[NEU] [hoch] MariaDB: Schwachstelle ermöglicht Denial of Service und potenziell Codeausführung

BSI Germany • Mar 23, 2026

MCP server security: Why AI agents need server-level SQL validation, not just prompt constraints

Reddit r/netsec • Mar 23, 2026

[NEU] [hoch] Microsoft Dynamics 365 Customer Engagement: Schwachstelle ermöglicht SQL-Injection

BSI Germany • Mar 19, 2026

[NEU] [hoch] MongoDB: Mehrere Schwachstellen

BSI Germany • Mar 18, 2026

[UPDATE] [hoch] PostgreSQL: Schwachstelle ermöglicht Privilegieneskalation

BSI Germany • Mar 10, 2026

[UPDATE] [hoch] PostgreSQL: Mehrere Schwachstellen

BSI Germany • Mar 10, 2026

[UPDATE] [hoch] PostgreSQL: Schwachstelle ermöglicht SQL Injection und Codeausführung

BSI Germany • Mar 10, 2026

[UPDATE] [mittel] Apache Cassandra: Schwachstelle ermöglicht Codeausführung

BSI Germany • Mar 10, 2026

The Multi-Model Database for AI Agents: Deploy SurrealDB with Docker Extension

Docker Blog • Feb 17, 2026

Object-capability SQL sandboxing for LLM agents — $1K CTF bounty to break it

Reddit r/netsec • Jan 29, 2026