// #postgresql
2 articles
Splunk Enterprise CVE-2026-20253 (CVSS 9.8): No-Authentication RCE Exposes SIEM Servers via PostgreSQL Sidecar
A critical remote code execution vulnerability in Splunk Enterprise allows unauthenticated attackers to run arbitrary commands on SIEM servers by targeting an exposed PostgreSQL sidecar service that bypasses all application-level authentication. CVE-2026-20253, rated CVSS 9.8, affects Splunk Enterprise 9.2.x and earlier on both Windows and Linux — a particularly damaging target given SIEM's visibility across the entire security estate.
Drupal SA-CORE-2026-004: Highly Critical SQL Injection CVE-2026-9082 — PostgreSQL Sites Must Patch Immediately
Drupal published SA-CORE-2026-004 on 20 May, disclosing CVE-2026-9082, a highly critical unauthenticated SQL injection vulnerability in Drupal's database abstraction API affecting sites running PostgreSQL. The flaw is zero-click and unauthenticated, and Drupal warned that exploit code turnaround would be measured in hours. CISA added the CVE to the Known Exploited Vulnerabilities catalogue on 22 May after confirmed exploitation.