CVE-2026-4427

CVE-2026-4427

Rejected reason: Duplicate of CVE-2026-32286

CVE-2026-4427

A flaw was found in pgproto3. A malicious or compromised PostgreSQL server can exploit this by sending a DataRow message with a negative field length. This input validation vulnerability can lead to a denial of service (DoS) due to a slice bounds out of range panic.

GHSA-x6gf-mpr2-68h6

Duplicate Advisory: pgproto3: Negative field length panics in DataRow.Decode