CVE-2025-46801

Critical CVSS: 9.3

Pgpool-II provided by PgPool Global Development Group contains an authentication bypass by primary weakness vulnerability. if the vulnerability is exploited, an attacker may be able to log in to the system as an arbitrary user, allowing them to read or tamper with data in the database, and/or disable the database.

Vendor

Product

CWE

CWE-305

Yayın Tarihi

2025-05-19 08:15:21

Güncelleme

2025-11-03 18:16:54

Source Identifier

vultures@jpcert.or.jp

KEV Date Added

Kategoriler

CWE-305 CRITICAL 2025

Referanslar

https://jvn.jp/en/jp/JVN06238225/ https://www.pgpool.net/mediawiki/index.php/Main_Page#News https://lists.debian.org/debian-lts-announce/2025/10/msg00014.html