{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3172", "assignerOrgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "state": "PUBLISHED", "assignerShortName": "PostgreSQL", "dateReserved": "2026-02-24T22:42:24.733Z", "datePublished": "2026-02-25T20:59:10.051Z", "dateUpdated": "2026-02-26T15:04:08.481Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "shortName": "PostgreSQL", "dateUpdated": "2026-02-25T20:59:10.051Z"}, "title": "pgvector buffer overflow in parallel HNSW index build", "descriptions": [{"lang": "en", "value": "Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other relations or crash the database server."}], "affected": [{"defaultStatus": "unaffected", "product": "pgvector", "vendor": "n/a", "versions": [{"lessThan": "0.8.2", "status": "affected", "version": "0.8.0", "versionType": "semver"}, {"status": "affected", "version": "0.7.0", "versionType": "semver"}, {"status": "affected", "version": "0.6.0", "versionType": "semver"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-191", "type": "CWE", "description": "Integer Underflow or Wraparound"}]}, {"descriptions": [{"lang": "en", "cweId": "CWE-787", "type": "CWE", "description": "Out-of-bounds Write"}]}], "references": [{"url": "https://github.com/pgvector/pgvector/issues/959"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "baseScore": 8.1, "baseSeverity": "HIGH"}}], "configurations": [{"lang": "en", "value": "attacker has permission to create or reindex an HNSW index with parallel workers"}], "credits": [{"lang": "en", "value": "Thanks to chungkn from OneMount Group for reporting this."}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-26T15:03:28.719764Z", "id": "CVE-2026-3172", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T15:04:08.481Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3172", "assignerOrgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "state": "PUBLISHED", "assignerShortName": "PostgreSQL", "dateReserved": "2026-02-24T22:42:24.733Z", "datePublished": "2026-02-25T20:59:10.051Z", "dateUpdated": "2026-02-26T15:04:08.481Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "shortName": "PostgreSQL", "dateUpdated": "2026-02-25T20:59:10.051Z"}, "title": "pgvector buffer overflow in parallel HNSW index build", "descriptions": [{"lang": "en", "value": "Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other relations or crash the database server."}], "affected": [{"defaultStatus": "unaffected", "product": "pgvector", "vendor": "n/a", "versions": [{"lessThan": "0.8.2", "status": "affected", "version": "0.8.0", "versionType": "semver"}, {"status": "affected", "version": "0.7.0", "versionType": "semver"}, {"status": "affected", "version": "0.6.0", "versionType": "semver"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-191", "type": "CWE", "description": "Integer Underflow or Wraparound"}]}, {"descriptions": [{"lang": "en", "cweId": "CWE-787", "type": "CWE", "description": "Out-of-bounds Write"}]}], "references": [{"url": "https://github.com/pgvector/pgvector/issues/959"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "baseScore": 8.1, "baseSeverity": "HIGH"}}], "configurations": [{"lang": "en", "value": "attacker has permission to create or reindex an HNSW index with parallel workers"}], "credits": [{"lang": "en", "value": "Thanks to chungkn from OneMount Group for reporting this."}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3172", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-26T15:03:28.719764Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T15:03:39.831Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other relations or crash the database server."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en la construcci\u00f3n paralela de \u00edndices HNSW en pgvector 0.6.0 hasta 0.8.1 permite a un usuario de base de datos filtrar datos sensibles de otras relaciones o bloquear el servidor de la base de datos."}], "id": "CVE-2026-3172", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary"}]}, "published": "2026-02-25T21:16:44.857", "references": [{"source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "url": "https://github.com/pgvector/pgvector/issues/959"}], "sourceIdentifier": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-191"}, {"lang": "en", "value": "CWE-787"}], "source": "f86ef6dc-4d3a-42ad-8f28-e6d5547a5007", "type": "Secondary"}]}

{"bugzilla": {"description": "pgvector: pgvector: Information disclosure or denial of service via buffer overflow in parallel HNSW index build", "id": "2443037", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2443037"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H", "status": "draft"}, "cwe": "CWE-190->CWE-120", "details": ["Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other relations or crash the database server."], "name": "CVE-2026-3172", "package_state": [{"cpe": "cpe:/a:redhat:openshift_lightspeed", "fix_state": "Fix deferred", "package_name": "openshift-lightspeed/lightspeed-ocp-rag-rhel9", "product_name": "OpenShift Lightspeed"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Under investigation", "package_name": "postgresql16-pgvector", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Under investigation", "package_name": "postgresql18-pgvector", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Under investigation", "package_name": "postgresql:16/pgvector", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:trusted_profile_analyzer:2", "fix_state": "Fix deferred", "package_name": "rhtpa/rhtpa-trustification-service-rhel9", "product_name": "Red Hat Trusted Profile Analyzer"}], "public_date": "2026-02-25T20:59:10Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-3172\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-3172\nhttps://github.com/pgvector/pgvector/issues/959"], "statement": "A buffer overflow during parallel HNSW index builds can be exploited by a database user, potentially leading to information disclosure from other database relations or a denial of service by crashing the database server, although the high impact on availability and confidentiality Red Hat Product Security team has rated this as having a moderate severity. This happens because, besides the low privileges required, to successfully exploit this flaw the attack needs to win a race condition among several worker threads which may be a task considered of a high complexity.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.8.0,0.8.2)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.7.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.6.0"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}]}, "original": {"product": "pgvector", "source": "cna", "vendor": "n/a"}, "product": "pgvector", "vendor": "pgvector"}], "analysis": {"en": {"generated_at": "2026-04-18T17:39:51.940558+00:00", "value": {"mitigation_remediation": ["Upgrade pgvector to a version newer than 0.8.1 to apply the buffer\u2011overflow fix.", "If an upgrade cannot be performed immediately, configure \u2018max_parallel_workers_per_gather\u2019 to 0 or otherwise prevent parallel execution when building HNSW indexes, forcing serial builds.", "Limit the role set that has permission to create or rebuild pgvector HNSW indexes to trusted users only."], "summary": {"action": "Apply Patch", "impact": "Sensitive data leakage and denial of service"}, "threat_synthesis": {"affected_systems": "It affects any pgvector installation from version 0.6.0 through 0.8.1, meaning any PostgreSQL database that has the pgvector extension installed and permits users to build or rebuild HNSW indexes in parallel will be vulnerable.", "description_and_impact": "This vulnerability is a buffer overflow that occurs during the parallel construction of an HNSW index in the pgvector extension, allowing a database user to read memory from other database relations or to cause the Postgres process to crash. The weakness involves a classic memory overrun (CWE\u2011120) combined with signed integer overflows and signed/unsigned mismatches (CWE\u2011190, CWE\u2011191) and a use\u2011after\u2011free scenario (CWE\u2011787).", "risk_and_exploitability": "The CVSS score of 8.1 signifies high severity, while the EPSS probability is less than 1% and the vulnerability is not listed in CISA's KEV catalog. It is inferred that the attack vector is local, requiring a database user with the privilege to initiate parallel index builds. Exploitation could enable an attacker to read confidential data from other tables or cause a database crash, potentially leading to a denial of service."}}}}, "created": "2026-02-26T13:14:32.169046+00:00", "updated": "2026-04-18T17:45:06.059817+00:00", "vendors": ["pgvector", "pgvector$PRODUCT$pgvector"]}