CVE-2026-32687 | elixir-ecto postgrex up to 0.22.1 notifications.ex handle_connect channel sql injection

Inserito da Angelo Barbosa | Mag 12, 2026 | CVE

A vulnerability was found in elixir-ecto postgrex up to 0.22.1 and classified as critical. Impacted is the function handle_connect in the library lib/postgrex/notifications.ex. Such manipulation of the argument channel leads to sql injection.

This vulnerability is listed as CVE-2026-32687. The attack may be performed from remote. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2026-32687 | elixir-ecto postgrex up to 0.22.1 notifications.ex handle_connect channel sql injection

Post correlati

CVE-2024-35211 | Siemens SINEC Traffic Analyzer up to 1.1 missing secure attribute (ssa-196737)

CVE-2024-3501 | lunary-ai lunary up to 1.2.5 API Endpoint /v1/users/me information disclosure

CVE-2023-6738 | PageLayer Plugin up to 1.7.8 on WordPress Meta Field cross site scripting

CVE-2024-5201 | OpenText Dimensions RM up to 12.11.1.2/12.11.2.5 HTTP Request Privilege Escalation