Heap buffer overflow in PostgreSQL pg_trgm allows a database user to achieve unknown impacts via a crafted input string. The attacker has limited control over the byte patterns to be written, but we have not ruled out the viability of attacks that lead to privilege escalation. PostgreSQL 18.1 and 18.0 are affected.
Security readout for executives and security teams
Plain-English summary
PostgreSQL 18.0 and 18.1 can be crashed or potentially altered through a heap buffer overflow in the pg_trgm extension. The public record says impacts are not fully ruled out, including possible privilege escalation. Treat exposed PostgreSQL 18 systems as high priority, especially where untrusted users can run database queries.
Executive priority
High. Prioritize remediation for PostgreSQL 18.0 and 18.1 systems because the flaw affects server memory and may enable denial of service or worse. Systems with external access, multi-tenant users, or search features backed by pg_trgm should be handled first.
Technical view
The issue is a heap buffer overflow in PostgreSQL pg_trgm triggered by a crafted input string. The attacker has limited control over bytes written to server memory. Published impact is uncertain, but integrity and availability risk are documented, with privilege escalation not ruled out. Affected versions listed are PostgreSQL 18.0 and 18.1.
Likely exposure
Exposure is most likely on PostgreSQL 18.0 or 18.1 deployments with pg_trgm installed or available and users able to submit crafted database input. Internet-facing database services, shared databases, and applications passing user-controlled text into trigram search deserve priority review.
Exploitation context
The source bundle does not show CISA KEV listing or cited active exploitation. It describes crafted input from a database user and unknown final impact. Do not assume exploitation in the wild, but the low-complexity network vector and potential server-memory corruption justify urgent handling.
Researcher notes
Evidence is incomplete on exploitability and final impact. The record states limited attacker control over written byte patterns and says privilege escalation has not been ruled out. Avoid overstating exploitation. Focus validation on version, pg_trgm presence, reachable query surfaces, package advisory status, and crash indicators.
Mitigation direction
Inventory PostgreSQL 18.0 and 18.1 instances and extension usage.
Check PostgreSQL and distributor advisories for fixed packages.
Apply vendor-provided PostgreSQL or platform updates after testing.
Restrict database access to trusted networks and accounts.
Limit untrusted query paths using pg_trgm-backed search where practical.
Validation and detection
Confirm exact PostgreSQL version on every production and staging instance.
Identify databases where the pg_trgm extension is installed.
Review application paths that pass user-controlled text to trigram search.
Check vendor package advisories for installed package status.
Monitor PostgreSQL logs for crashes or unusual trigram-search errors.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cwe · low confidence lookup
CWE-120: Exact CWE lookup
Use the exact CWE identifier as the starting point before reviewing related ATT&CK behavior. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
Use the exact CWE identifier as the starting point before reviewing related ATT&CK behavior. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
The CVE wording references privilege impact, so privilege escalation and authorization behavior review may help. This is a Glexia inferred lookup path, not an official MITRE, ATT&CK, or CVE Program mapping.
The CVE wording references database injection or access, so collection and exfiltration review may help. This is a Glexia inferred lookup path, not an official MITRE, ATT&CK, or CVE Program mapping.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.
CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.
CWE-120 · source CWE mapping
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.
Heap-based Buffer Overflow represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.