Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 565
Alerts This Week
Warning Icon 1 565

Rocky Linux PostgreSQL Key Credential Recovery Timing Attack CVE-2026-6478

rocky
Calendar Grey June 23, 2026
Scroller Rockylinux
Important PostgreSQL security update on Rocky Linux addresses credential recovery issue reflected in CVE-2026-6478.
Important: postgresql:13 security update

Summary

An update is available for postgres-decoderbufs, module.postgres-decoderbufs, module.pgaudit, module.pg_repack, pgaudit, pg_repack. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RPMs

pgaudit-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.aarch64.rpm

pgaudit-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.aarch64.rpm

pgaudit-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.src.rpm

pgaudit-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.src.rpm

pgaudit-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.x86_64.rpm

pgaudit-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.x86_64.rpm

pgaudit-debuginfo-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.aarch64.rpm

pgaudit-debuginfo-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.aarch64.rpm

pgaudit-debuginfo-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.x86_64.rpm

pgaudit-debugsource-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.aarch64.rpm

pgaudit-debugsource-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.aarch64.rpm

pgaudit-debugsource-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.x86_64.rpm

pg_repack-0:1.4.6-3.module+el8.9.0+1594+4a6adae9.aarch64.rpm

pg_repack-0:1.4.6-3.module+el8.9.0+1603+444d1b54.aarch64.rpm

pg_repack-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.aarch64.rpm

Read the Full Advisory

References

No references

CVES

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6478

Severity
important
Lowest
Low
Medium
High
Critical

Name: RLSA-2026:28208
Affected Products: Rocky Linux 8

Fixes

https://bugzilla.redhat.com/show_bug.cgi?id=2477447


Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.