CYBERHAWK / CVE / CVE-2026-49498

CVE-2026-49498

HIGH CVSS 8.8 other

The flaw

Ghidra 11.0 before 12.1 contains a SQL injection vulnerability in the changePassword() method of PostgresFunctionDatabase that fails to escape double quotes in usernames interpolated into ALTER ROLE statements. Authenticated attackers can i

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-49498

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits