CVE-2026-2360

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and place malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is higher with PostgreSQL 14 or with instances upgraded from PostgreSQL 14 or a prior version. With PostgreSQL 15 and later, the creation permission on the public schema is revoked by default and this exploit can only be achieved if a superuser adds a new schema in her/his own search_path and grants the CREATE privilege on that schema to untrusted users, both actions being clearly discouraged by the PostgreSQL documentation. The problem is resolved in PostgreSQL Anonymizer 3.0.1 and further versions

CVSS v3 8.0 HIGH

8.0^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.3 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://gitlab.com/dalibo/postgresql_anonymizer/-/blob/latest/NEWS.md
https://gitlab.com/dalibo/postgresql_anonymizer/-/issues/616
https://www.postgresql.org/docs/current/ddl-schemas.html#DDL-SCHEMAS-PATH

Configurations

No configuration.

History

11 Feb 2026, 18:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-11 18:16

Updated : 2026-02-12 15:11

NVD link : CVE-2026-2360

Mitre link : CVE-2026-2360

CVE.ORG link : CVE-2026-2360

JSON object : View

Products Affected

No product.

CWE

CWE-427

Uncontrolled Search Path Element

8.0 /10