CVE-2026-6667 - PgBouncer missing authorization check in KILL_CLIENT admin command
CVE ID :CVE-2026-6667 Published : May 9, 2026, 1:16 a.m. | 1 hour, 47 minutes ago Description :PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILL_CLIENT admin command. All users with access to the administration console (which itself requires authorization)
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Telco sector ‘high-value target' for cyber attackers, firms advised on urgency of frontier AI risks: Shanmugam
- [CYBER] NVIDIA Confirms GeForce Data Breach Exposed Users’ Personal Data
- [CYBER] Sri Lanka arrests more than 260 foreigners over cyberscams
- [CYBER] CVE-2026-8207 - Gibbon SQL Injection Vulnerability
- [CYBER] CVE-2026-7652 - LatePoint <= 5.5.0 - Unauthenticated Account Takeover via Weak Password Recovery Mechanism
- [CYBER] Rate Limiting Toàn Tập: Đừng Để Server "Sập Nguồn" Vì Bị Spam API