CVE-2026-9617

MEDIUM 6.8

PostgreSQL Anonymizer: malicious column name allows SQL injection via anon.k_anonymity() function

CVSS Score

6.8

EPSS Score

0.0%

EPSS Percentile

0th

PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a table and placing malicious code inside a column identifier. If a superuser calls the k-anonymity function, the malicious code is executed with superuser privileges. The risk is higher with PostgreSQL 14 or with instances upgraded from PostgreSQL 14 or a prior version. With PostgreSQL 15 and later, the creation permission on the public schema is revoked by default and this exploit can only be achieved by a user who was explicitly granted the CREATE TABLE privilege. The problem is resolved in PostgreSQL Anonymizer 3.1.0 and further versions

CWE	CWE-89
Vendor	dalibo
Product	postgresql anonymizer
Published	May 27, 2026
Last Updated	May 28, 2026

Stay Ahead of the Next One

Get instant alerts for dalibo postgresql anonymizer

Be the first to know when new medium vulnerabilities affecting dalibo postgresql anonymizer are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

DALIBO / PostgreSQL Anonymizer

1 < 3.1.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

gitlab.com: https://gitlab.com/dalibo/postgresql_anonymizer/-/issues/640

Credits

The PostgreSQL Anonymizer project thanks user 'Buut' for reporting this problem.