CVE-2026-6665

Daily digests

A buffer overflow in PgBouncer's SCRAM authentication handling could let an attacker crash the connection pooler or potentially run code on the host. Exploitation requires the attacker to reach PgBouncer's listening port and initiate a SCRAM auth exchange, but no valid credentials are needed to trigger the overflow.

• Daily Digest · May 12, 2026

  FireFighter Jira bot SSRF scores 9.9, patch now