Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
PostgreSQL: Users can access restricted data through optimizer statistics
CLEANSTART-2026-WY43835
Summary
A security issue in PostgreSQL's optimizer statistics allows users to access data they shouldn't be able to see within certain views. This affects users with limited access to the database. Update PostgreSQL to the latest version to fix this issue.
What to do
- Update postgresql to version 17.6-r0.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | postgresql | <= 17.6-r0 | 17.6-r0 |
Original title
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access
Original description
Multiple security vulnerabilities affect the postgresql package. PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. See references for individual vulnerability details.
osv CVSS3.1
9.8
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advis... Vendor Advisory
- https://osv.dev/vulnerability/CVE-2023-5870 URL
- https://osv.dev/vulnerability/CVE-2024-7348 URL
- https://osv.dev/vulnerability/CVE-2025-8713 URL
- https://osv.dev/vulnerability/CVE-2025-8714 URL
- https://osv.dev/vulnerability/CVE-2025-8715 URL
- https://nvd.nist.gov/vuln/detail/CVE-2023-5870 URL
- https://nvd.nist.gov/vuln/detail/CVE-2024-7348 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-8713 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-8714 URL
- https://nvd.nist.gov/vuln/detail/CVE-2025-8715 URL
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026