CVE-2026-6474 | PostgreSQL up to 18.3 Timezone timeofday format string (Nessus ID 315292 / WID-SEC-2026-1544)
A vulnerability marked as critical has been reported in PostgreSQL up to 14.22/15.17/16.13/17.9/18.3. This affects the function timeofday of the component Timezone Handler. This manipulation causes format string.
This vulnerability is handled as CVE-2026-6474. The attack can be initiated remotely. There is not any exploit available.
It is suggested to upgrade the affected component.