A public proof-of-concept exploit has been released for CVE-2026-2005, a critical heap-based buffer overflow in PostgreSQL’s pgcrypto extension that enables full remote code execution and privilege escalation to database superuser. The vulnerable code has silently existed since pgcrypto was first contributed to PostgreSQL in 2005, over two decades ago, a fully autonomous AI-powered security analysis tool, at the Wiz-hosted ZeroDay.Cloud 2025 hacking event […]
The post PoC Released for 20-Year Old PostgreSQL RCE Flaw appeared first on Cyber Security News.