A vulnerability has been found in pgjdbc up to 42.7.11 and classified as critical. Impacted is the function
Authenticate of the file ScramAuthenticator.java of the component ScramAuthenticator. Performing a manipulation of the argument channelBinding results in channel accessible by non-endpoint.
This vulnerability is identified as CVE-2026-54291. The attack can be initiated remotely. There is not any exploit available.