Question 1

What is CVE-2023-22626 — CVE-2023-22626?

Accepted Answer

PgHero before 3.1.0 allows Information Disclosure via EXPLAIN because query results may be present in an error message. (Depending on database user privileges, this may only be information from the database, or may be information from file contents on the database server.)

Question 2

What is the authoritative source for CVE-2023-22626?

Accepted Answer

CVE-2023-22626 (CVE-2023-22626) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	7.5 ()
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS	0.83% probability of exploitation · percentile 52.8% · 2026-06-18T12:00:27Z
Last modified	2026-06-17

CVE-2023-22626CVE-2023-22626

Description

Scoring