CVE-2026-2361
Awaiting Analysis Awaiting Analysis - Queue

Privilege Escalation via Malicious View in PostgreSQL Anonymizer

Vulnerability report for CVE-2026-2361, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-02-11

Last updated on: 2026-02-12

Assigner: PostgreSQL

Description

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.get_tablesample_ratio function is then called, the malicious code is executed with superuser privileges. This privilege elevation can be exploited by users having the CREATE privilege in PostgreSQL 15 and later. The risk is higher with PostgreSQL 14 or with instances upgraded from PostgreSQL 14 or a prior version because the creation permission on the public schema is granted by default. The problem is resolved in PostgreSQL Anonymizer 3.0.1 and further versions

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-02-11
Last Modified
2026-02-12
Generated
2026-07-06
AI Q&A
2026-02-11
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 5 associated CPEs
Vendor Product Version / Range
dalibo postgresql_anonymizer 3.0.1
dalibo postgresql_anonymizer From 14.0 (inc) to 15.0 (inc)
postgresql_anonymizer 3.0.1 *
postgresql 15 *
postgresql 14 *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-427 The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

PostgreSQL Anonymizer has a vulnerability that allows a user with CREATE privileges to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the function anon.get_tablesample_ratio is called, the malicious code executes with superuser privileges, effectively elevating the user's privileges.

This issue affects PostgreSQL 15 and later, with a higher risk in PostgreSQL 14 or instances upgraded from version 14 or earlier because the public schema creation permission is granted by default in those versions.

The vulnerability is fixed in PostgreSQL Anonymizer version 3.0.1 and later.

Impact Analysis

This vulnerability can allow an attacker with CREATE privileges to escalate their privileges to superuser level within the PostgreSQL database.

With superuser privileges, the attacker can execute arbitrary code with the highest level of access, potentially compromising the entire database system.

This can lead to unauthorized data access, data modification, or disruption of database operations.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate this vulnerability, upgrade PostgreSQL Anonymizer to version 3.0.1 or later where the issue is resolved.

Additionally, be cautious with users having CREATE privileges, especially in PostgreSQL 15 and later, and review permissions on the public schema in PostgreSQL 14 or instances upgraded from earlier versions, as creation permission is granted by default there.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-2361. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart