Medium severity5.9NVD Advisory· Published May 9, 2026· Updated May 14, 2026
CVE-2026-6666
CVE-2026-6666
Description
A possible null pointer reference in PgBouncer before 1.25.2 could lead to a crash, if a server sends an error response without SQLSTATE field.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.pgbouncer.org/changelog.htmlnvdRelease Notes
News mentions
1- Patch Tuesday - May 2026Rapid7 Blog · May 13, 2026