SUSE PostgreSQL Security Patches Address Critical SQL Injection Vulnerabilities

SUSE released important security updates for PostgreSQL versions 14, 15, and 16 on June 19, 2026, addressing multiple vulnerabilities including SQL injection and buffer overflows. The updates fix issues identified as CVE-2026-6472 through CVE-2026-6637, all published on May 14, 2026. These vulnerabilities could allow attackers to exploit the database systems by manipulating SQL queries or causing memory allocation errors. The affected versions include PostgreSQL 14, 15, and 16, impacting users who have not yet applied the patches. The updates are rated as important, and users are urged to update their systems promptly to mitigate potential risks. The vulnerabilities include critical issues such as unbounded recursion and unsafe function calls within the database libraries. Organizations using these PostgreSQL versions should prioritize applying the patches to safeguard their data integrity and security.

Key Points: • SUSE released security patches for PostgreSQL 14, 15, and 16 on June 19, 2026. • The updates address multiple vulnerabilities including SQL injection and buffer overflows. • All vulnerabilities were published on May 14, 2026, and are rated as important.