{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T12:59:59.216","vulnerabilities":[{"cve":{"id":"CVE-2026-2003","sourceIdentifier":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","published":"2026-02-12T14:16:02.067","lastModified":"2026-02-20T19:53:43.333","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper validation of type \"oidvector\" in PostgreSQL allows a database user to disclose a few bytes of server memory.  We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely.  Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected."},{"lang":"es","value":"La validación incorrecta del tipo 'oidvector' en PostgreSQL permite a un usuario de base de datos divulgar unos pocos bytes de memoria del servidor. No hemos descartado la viabilidad de ataques que dispongan la presencia de información confidencial en los bytes divulgados, pero parecen poco probables. Las versiones anteriores a PostgreSQL 18.2, 17.8, 16.12, 15.16 y 14.21 están afectadas."}],"metrics":{"cvssMetricV31":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","type":"Secondary","description":[{"lang":"en","value":"CWE-1287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0","versionEndExcluding":"14.21","matchCriteriaId":"4BCEAB7B-E4FC-4F9F-A1F9-62EA7DD6D6CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0","versionEndExcluding":"15.16","matchCriteriaId":"4B408DAF-2DCD-45FE-94EE-BC84947A41C8"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0","versionEndExcluding":"16.12","matchCriteriaId":"6353A59B-FE67-4DD5-B0E6-C10F0D2358D0"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndExcluding":"17.8","matchCriteriaId":"E2CCF450-C726-403A-975F-B5717E92A769"},{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*","versionStartIncluding":"18.0","versionEndExcluding":"18.2","matchCriteriaId":"6B872502-5316-4E79-8FA1-24E5D8222C39"}]}]}],"references":[{"url":"https://www.postgresql.org/support/security/CVE-2026-2003/","source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","tags":["Vendor Advisory"]}]}}]}