Medium severity5.9NVD Advisory· Published May 8, 2025· Updated Apr 15, 2026

CVE-2025-4207

Description

Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.openwall.com/lists/oss-security/2025/05/09/3nvd
lists.debian.org/debian-lts-announce/2025/05/msg00011.htmlnvd
www.postgresql.org/support/security/CVE-2025-4207/nvd

News mentions

No linked articles in our index yet.

cvss	0.384
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000