CVE-2026-6666

Published: Mag 09, 2026 Last Modified: Mag 09, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,9
Source: f86ef6dc-4d3a-42ad-8f28-e6d5547a5007
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: none
Availability: high

Description

AI Translation Available

A possible null pointer reference in PgBouncer before 1.25.2 could lead to a crash, if a server sends an error response without SQLSTATE field.

476

NULL Pointer Dereference

Stable
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Integrity Confidentiality
Potential Impacts:
Dos: Crash, Exit, Or Restart Execute Unauthorized Code Or Commands Read Memory Modify Memory
Applicable Platforms
Languages: C, C#, C++, Go, Java
Likelihood of Exploit: Medium
View CWE Details
https://www.pgbouncer.org/changelog.html#pgbouncer-125x
https://www.pgbouncer.org/changelog.html#pgbouncer-125x