rootio-postgresql-13: Unpatched SQL Injection Allows Unauthorized Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

rootio-postgresql-13: Unpatched SQL Injection Allows Unauthorized Access

ROOT-OS-DEBIAN-11-CVE-2026-2004

Summary

A security patch has been released for rootio-postgresql-13 to fix a vulnerability that could allow attackers to inject malicious SQL code and gain unauthorized access to a database. This affects users of rootio-postgresql-13 on Debian 11. To stay secure, update to the latest patched version of the software.

What to do

Update rootio-postgresql-13 to version 13.23-0+deb11u1.root.io.4.

Affected software

Vendor	Product	Affected versions	Fix available
–	rootio-postgresql-13	<= 13.23-0+deb11u1.root.io.4	13.23-0+deb11u1.root.io.4

Original title

CVE-2026-2004 in rootio-postgresql-13 - Patched by Root

Original description

Root has patched CVE-2026-2004 in the rootio-postgresql-13 package for Root:Debian:11. Multiple fixed versions available.

Published: 16 Mar 2026 · Updated: 16 Mar 2026 · First seen: 16 Mar 2026