CVE-2026-6664
High
Published: 09 May 2026
Published
09 May 2026
Modified
09 May 2026
KEV Added
—
Patch
—
CVSS Score
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.0004
13.8th percentile
Risk Priority
15
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2026-6664 is a high-severity Integer Overflow or Wraparound (CWE-190) vulnerability in Pgbouncer (inferred from references). Its CVSS base score is 7.5 (High).
Operationally, ranked at the 13.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
NVD Description
An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet.
Deeper analysisAI
Automated synthesis unavailable for this CVE.
Details
- CWE(s)
Affected Products
Pgbouncer
—
inferred from references and description; NVD did not file a CPE for this CVE
CVEs Like This One
CVE-2026-41602Shared CWE-190
CVE-2025-24156Shared CWE-190
CVE-2026-27889Shared CWE-190
CVE-2025-53518Shared CWE-190
CVE-2026-41416Shared CWE-190
CVE-2026-27784Shared CWE-190
CVE-2026-0031Shared CWE-190
CVE-2024-57255Shared CWE-190
CVE-2024-55656Shared CWE-190
CVE-2026-24660Shared CWE-190