High severity8.1NVD Advisory· Published Feb 25, 2026· Updated Apr 15, 2026
CVE-2026-3172
CVE-2026-3172
Description
Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other relations or crash the database server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
43- osv-coords41 versionspkg:rpm/opensuse/pgvector&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/pgvector&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/pgvector&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/postgresql13-pgvector&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql13-pgvector&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/postgresql14-pgvector&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql14-pgvector&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/postgresql15-pgvector&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql15-pgvector&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/postgresql16-pgvector&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql16-pgvector&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/postgresql17-pgvector&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql17-pgvector&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/postgresql18-pgvector&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/postgresql18-pgvector&distro=openSUSE%20Leap%2016.0pkg:rpm/suse/pgvector&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/pgvector&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/pgvector&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/pgvector&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/pgvector&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/postgresql13-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/postgresql13-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/postgresql14-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/postgresql14-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/postgresql15-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/postgresql15-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/postgresql16-pgvector&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/postgresql16-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/postgresql16-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/postgresql16-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/postgresql16-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/postgresql17-pgvector&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/postgresql17-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/postgresql17-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/postgresql17-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/postgresql17-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/postgresql18-pgvector&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7pkg:rpm/suse/postgresql18-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/postgresql18-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/postgresql18-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/postgresql18-pgvector&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
< 0.8.2-150600.13.9.1+ 40 more
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-1.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
- (no CPE)range: < 0.8.2-150600.13.9.1
- (no CPE)range: < 0.8.2-160000.1.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.