CVE-2026-6637

Daily digests

The refint (referential integrity) contrib module in PostgreSQL has a stack buffer overflow and a SQL injection path. An attacker who can trigger refint functions (for example, through crafted foreign key operations) could execute arbitrary SQL or potentially crash the server. Exploitation requires the attacker to have at least the ability to insert or update data in tables using refint triggers.

• Daily Digest · May 18, 2026

  PostgreSQL refint RCE + NGINX rewrite bypass