VDB
CGA-8x2g-hmcp-m78w
CGA-8x2g-hmcp-m78w
PUBLISHED
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wolfi | postgresql-17-base | 0, 0, 0 |
| Chainguard | libecpg-13-dev | 0, 0, 0 |
| Wolfi | postgresql-13-base | 0, 0, 0 |
| Chainguard | libecpg-17 | 0, 0, 0 |
| Chainguard | postgresql-13-oci-entrypoint-base | 0, 0, 0 |
| Chainguard | postgresql-17 | 0, 0, 0 |
| Wolfi | postgresql-13-oci-entrypoint-base | 0, 0, 0 |
| Wolfi | libpq-15 | 0, 0, 0 |
| Chainguard | postgresql-13 | 0, 0, 0 |
| Wolfi | libecpg-13 | 0, 0, 0 |
| Wolfi | py3.10-plpython-17 | 0, 0, 0 |
| Chainguard | libecpg-15-dev | 0, 0, 0 |
| Wolfi | postgresql-14-oci-entrypoint-base | 0, 0, 0 |
| Wolfi | postgresql-17-contrib | 0, 0, 0 |
| Chainguard | postgresql-14-oci-entrypoint-base | 0, 0, 0 |
| Wolfi | postgresql-16-dev | 0, 0, 0 |
| Wolfi | postgresql-13 | 0, 0, 0 |
| Wolfi | postgresql-13-dev | 0, 0, 0 |
| Chainguard | postgresql-13-bitnami-compat | 0, 0, 0 |
| Wolfi | py3.11-plpython | 0, 0, 0 |
…and 123 more
Exploit Intelligence
- 🔒 CVE-2025-1094 PostgreSQL Multi-byte SQL Injection Demo | Educational security research project with full documentation (github-poc-repo)
- TranDongA3/POC-CVE-2025-1094 (github-poc-repo)
- TranDongA3/POC-CVE-2025-1094 (github-poc)
- 🔒 CVE-2025-1094 PostgreSQL Multi-byte SQL Injection Demo | Educational security research project with full documentation (github-poc)
- It is an input sanitization flaw caused by an encoding mismatch, allowing crafted input to bypass filters. If a server is vulnerable, an attacker can inject malicious SQL that the backend executes. (github-poc)
- ishwardeepp/CVE-2025-1094-PoC-Postgre-SQLi (github-poc)
- WebSocket and SQL Injection Exploit Script (github-poc)
- Detects CVE-2025-1094 - PostgreSQL SQL Injection to RCE. This script attempts to identify systems vulnerable to CVE-2025-1094 by checking for specific indicators and patterns. References: * https://nvd.nist.gov/vuln/detail/CVE-2025-1094 * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1094 (nmap-nse)
- GenerationConfig.java (github-poc)
- SelfAdaptationGenerationConfig.java (github-poc)
Timeline
- Jan 3, 2026 PoC Published
- Jan 29, 2026 CVE Published
- Feb 4, 2026 CVE Updated