VYPR
Vendor

Timescale

Products
2
CVEs
4
Across products
4
Status
Private

Products

2

Recent CVEs

4
  • CVE-2025-52467CriJun 19, 2025
    risk 0.52cvss 9.1epss 0.00

    pgai is a Python library that transforms PostgreSQL into a retrieval engine for RAG and Agentic applications. Prior to commit 8eb3567, the pgai repository was vulnerable to an attack allowing the exfiltration of all secrets used in one workflow. In particular, the GITHUB_TOKEN…

  • CVE-2026-29089Mar 6, 2026
    risk 0.00cvss epss 0.00

    TimescaleDB is a time-series database for high-performance real-time analytics packaged as a Postgres extension. From version 2.23.0 to 2.25.1, PostgreSQL uses the search_path setting to locate unqualified database objects (tables, functions, operators). If the search_path…

  • CVE-2023-25149HigFeb 14, 2023
    risk 0.00cvss 8.8epss 0.01

    TimescaleDB, an open-source time-series SQL database, has a privilege escalation vulnerability in versions 2.8.0 through 2.9.2. During installation, TimescaleDB creates a telemetry job that is runs as the installation user. The queries run as part of the telemetry data…

  • CVE-2022-24128HigMar 13, 2022
    risk 0.00cvss 8.0epss 0.01

    Timescale TimescaleDB 1.x and 2.x before 2.5.2 may allow privilege escalation during extension installation. The installation process uses commands such as CREATE x IF NOT EXIST that allow an unprivileged user to precreate objects. These objects will be used by the installer…