CVE-2026-6666

Summary

A possible null pointer reference in PgBouncer before 1.25.2 could lead to a crash, if a server sends an error response without SQLSTATE field.

Affected Software

VendorProductVersion RangeStatus
n/aPgBouncer0 < 1.25.2affected

Weaknesses

  • CWE-476: NULL Pointer Dereference

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References