“flaw in symmetric decryption via pgp _ sym _ decrypt. without proper checks, malformed utf - 8 slips through postgresql ’ s string handlers like pg _ mblen and pg _ utf _ mblen, leading to out - of - bounds reads or writes. attackers can use this to corrupt memory and gain contro…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
56%
“2026 - 2005 and cve - 2026 - 2006, date back to 2005 and remained unnoticed in the pgcrypto extension, a standard tool for encryption tasks that ’ s considered safe by default. wiz ran the numbers after the findings and saw postgresql in 80 % of cloud environments they scanned, w…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1068Exploitation for Privilege Escalation
54%
“2026 - 2005 and cve - 2026 - 2006, date back to 2005 and remained unnoticed in the pgcrypto extension, a standard tool for encryption tasks that ’ s considered safe by default. wiz ran the numbers after the findings and saw postgresql in 80 % of cloud environments they scanned, w…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1496Resource Hijacking
45%
“wiz zeroday. cloud event reveals 20 - year - old postgresql vulnerabilities cybersecurity researchers participating in wiz ’ s zeroday. cloud hacking event in london, england, exploited two critical vulnerabilities in postgresql, the database that runs behind countless enterprise…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
44%
“wiz zeroday. cloud event reveals 20 - year - old postgresql vulnerabilities cybersecurity researchers participating in wiz ’ s zeroday. cloud hacking event in london, england, exploited two critical vulnerabilities in postgresql, the database that runs behind countless enterprise…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1486Data Encrypted for Impact
33%
“2026 - 2005 and cve - 2026 - 2006, date back to 2005 and remained unnoticed in the pgcrypto extension, a standard tool for encryption tasks that ’ s considered safe by default. wiz ran the numbers after the findings and saw postgresql in 80 % of cloud environments they scanned, w…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Researchers revealed 20-year-old PostgreSQL flaws at Wiz ZeroDay.Cloud event, exposing critical bugs in pgcrypto and prompting urgent patches for database security.