在PostgreSQL的多个零日漏洞中，最为紧迫的是一个被追踪为CVE-2026-2005的基于堆的缓冲区溢出问题。该漏洞存在于pgcrypto扩展中。研究人员指出，通过使用精心构造的输入，攻击者可以触发大小不匹配，导致在堆上进行越界写入。

Michael Stonebraker 在数据库领域具有相当重要的地位。有人戏称 Stonebraker 是数据库领域的“祖师爷”：“赏了无数人饭吃的那种”。通过一系列学术原型和商业初创公司，Stonebraker 的研究和产品成为当今市场上许多关系数据库系统的核心。

Follow this step-by-step guide to install PostgreSQL, load data, connect to a database, and execute SQL queries including table joins PostgreSQL is an open-source, object-relational (also called ...

作者：PatrickSupabase 是一个几乎所有 vibe coder 都熟悉的产品。它背后的公司创立于 2020 年，以 Postgres 为核心数据库，叠加 auth、storage、edge functions、vector ...

安全研究人员借助AI驱动的安全分析工具"Xint Code"，在PostgreSQL和MariaDB中发现了多个高危及严重漏洞，其中两个漏洞已潜伏超过20年。漏洞包括pgcrypto扩展中的堆缓冲区溢出（CVE-2026-2005）、缺失验证漏洞（CVE-2026-2006）及MariaDB JSON模式验证逻辑中的缓冲区溢出（CVE-2026-32710），均可能导致远程代码执行。目前两款数据库 ...

For nearly 30 years, PostgreSQL (a.k.a., Postgres) has arguably been the most common SQL open source database that you have never heard of. Call it the Zelig of databases, its technology either sat ...

Attackers who exploited a zero-day vulnerability in BeyondTrust Privileged Remote Access and Remote Support products in December likely also exploited a previously unknown SQL injection flaw in ...

Independent study from McKnight Consulting Group shows EDB Postgres AI as the fastest, most cost-effective enterprise database platform for transactional, analytical, and new AI workloads WILMINGTON, ...

Critical flaws affecting core components and extensions in PostgreSQL and MariaDB could allow remote code execution. The bugs ...

a 2022 survey, it is the second most used database after MySQL. PostgreSQL expert engineer Craig Carstiens explains the history of how PostgreSQL has been developed and how the number of users has ...