Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-6478
PUBLISHED
More InfoOfficial Page
Assigner-PostgreSQL
Assigner Org ID-f86ef6dc-4d3a-42ad-8f28-e6d5547a5007
View Known Exploited Vulnerability (KEV) details
Published At-14 May, 2026 | 13:00
Updated At-14 May, 2026 | 15:33
Rejected At-
▼CVE Numbering Authority (CNA)
PostgreSQL discloses MD5-hashed passwords via covert timing channel

Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to authenticate. This does not affect scram-sha-256 passwords, the default in all supported releases. However, current databases may have MD5-hashed passwords originating in upgrades from PostgreSQL 13 or earlier. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.

Affected Products
Vendor
n/a
Product
PostgreSQL
Default Status
unaffected
Versions
Affected
  • From 18 before 18.4 (rpm)
  • From 17 before 17.10 (rpm)
  • From 16 before 16.14 (rpm)
  • From 15 before 15.18 (rpm)
  • From 0 before 14.23 (rpm)
Problem Types
TypeCWE IDDescription
CWECWE-385Covert Timing Channel
Type: CWE
CWE ID: CWE-385
Description: Covert Timing Channel
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations

victim user has a usable MD5 password

Workarounds

reset password with password_encryption=scram-sha-256

Exploits
Credits
The PostgreSQL project thanks Joe Conway for reporting this problem.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.postgresql.org/support/security/CVE-2026-6478/
N/A
Hyperlink: https://www.postgresql.org/support/security/CVE-2026-6478/
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found