Description
Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to authenticate. This does not affect scram-sha-256 passwords, the default in all supported releases. However, current databases may have MD5-hashed passwords originating in upgrades from PostgreSQL 13 or earlier. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected.
Published: 2026-05-14
Score: 6.5 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A covert timing channel exists in PostgreSQL when it compares MD5-hashed passwords during authentication. The timing differences allow an attacker who can trigger authentication attempts to deduce the stored hash and recover credentials sufficient to authenticate, enabling unauthorized access. The flaw does not affect passwords hashed with SCRAM-SHA-256, which is the default method in all supported releases.

Affected Systems

The vulnerability is present in PostgreSQL releases prior to 18.4, 17.10, 16.14, 15.18 and 14.23. Databases that were upgraded from PostgreSQL 13 or earlier may still contain MD5-hashed passwords, even though the default configuration now uses SCRAM-SHA-256.

Risk and Exploitability

The CVSS score of 6.5 indicates moderate severity, and no EPSS score is available. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires an attacker to measure the timing of authentication responses, either over the network or locally. Once exploited, the attacker obtains user passwords sufficient for authentication, which is a significant risk to confidentiality and system integrity.

Generated by OpenCVE AI on May 14, 2026 at 15:50 UTC.

Remediation

Vendor Workaround

reset password with password_encryption=scram-sha-256


OpenCVE Recommended Actions

  • Upgrade PostgreSQL to a fixed release: 18.4, 17.10, 16.14, 15.18 or 14.23, or any later release in the same major branch.
  • If an upgrade cannot be performed immediately, force all accounts onto SCRAM-SHA-256 by resetting their passwords while the password_encryption parameter is set to scram-sha-256.
  • Remove md5 authentication methods from pg_hba.conf and set password_encryption=scram-sha-256 cluster-wide to prevent accidental use of MD5.
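As an added example (not from the advisory or the PostgreSQL project), the SQL below audits which login roles still hold an MD5 verifier in pg_authid and re-hashes one role with SCRAM-SHA-256; it assumes superuser access, and the role name app_user and the new password are placeholders.

```sql
-- Added example, not from the advisory: audit MD5 verifiers and move a role
-- to SCRAM-SHA-256. Requires a superuser session (pg_authid is restricted).

-- 1. Classify each login role by the prefix of its stored verifier:
--    MD5 verifiers start with "md5", SCRAM verifiers with "SCRAM-SHA-256$".
SELECT rolname,
       CASE
         WHEN rolpassword LIKE 'md5%'            THEN 'md5'
         WHEN rolpassword LIKE 'SCRAM-SHA-256$%' THEN 'scram-sha-256'
         WHEN rolpassword IS NULL                THEN 'none'
         ELSE 'other'
       END AS verifier_type
FROM pg_authid
WHERE rolcanlogin
ORDER BY rolname;

-- 2. Make SCRAM the cluster-wide default for all future password changes
--    (written to postgresql.auto.conf; takes effect after the reload).
ALTER SYSTEM SET password_encryption = 'scram-sha-256';
SELECT pg_reload_conf();

-- 3. Re-hash one account. The session-level SET guards against a stale
--    per-role or per-database password_encryption override. The server
--    hashes the plaintext it receives; "app_user" and the password are
--    placeholders for this example.
SET password_encryption = 'scram-sha-256';
ALTER ROLE app_user PASSWORD 'replace-with-new-secret';

-- 4. Confirm the stored verifier is now SCRAM (prefix is 14 characters long).
SELECT rolname, left(rolpassword, 14) AS verifier_prefix
FROM pg_authid
WHERE rolname = 'app_user';
-- expected: app_user | SCRAM-SHA-256$

-- 5. Finally, in pg_hba.conf replace the method "md5" with "scram-sha-256"
--    on the affected lines and reload again so MD5 cannot be used at all.
```

A stored MD5 hash cannot be converted to SCRAM in place, so each affected account needs a new password (set by the user, for example via psql's \password) before step 4 reports scram-sha-256.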

Generated by OpenCVE AI on May 14, 2026 at 15:50 UTC.

Advisories

Source      ID          Title
Debian DSA  DSA-6269-1  postgresql-15 security update
Debian DSA  DSA-6270-1  postgresql-17 security update

History

Thu, 14 May 2026 16:30:00 +0000

Type    | Values Removed | Values Added
Metrics |                | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 14 May 2026 15:00:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Postgresql; Postgresql postgresql
Vendors & Products  |                | Postgresql; Postgresql postgresql

Thu, 14 May 2026 13:30:00 +0000

Type        | Values Removed | Values Added
Description |                | (same text as the Description at the top of this page)
Title       |                | PostgreSQL discloses MD5-hashed passwords via covert timing channel
Weaknesses  |                | CWE-385
References  |                |
Metrics     |                | cvssV3_1: {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}


MITRE

Status: PUBLISHED

Assigner: PostgreSQL

Published:

Updated: 2026-05-14T15:33:03.332Z

Reserved: 2026-04-17T00:44:57.549Z

Link: CVE-2026-6478

Vulnrichment

Updated: 2026-05-14T15:32:49.316Z

NVD

Status: Awaiting Analysis

Published: 2026-05-14T14:16:25.463

Modified: 2026-05-14T16:21:23.190

Link: CVE-2026-6478

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-14T16:00:15Z

Weaknesses