VDB

TNCVE-2026-32286

TNCVE-2026-32286 PUBLISHED

The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic.

Timeline

  • Mar 26, 2026 CVE Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›