CVE-2025-46801CRITICAL 9.8EPSS p50.6%

CVE-2025-46801CVE-2025-46801

Description

Pgpool-II provided by PgPool Global Development Group contains an authentication bypass by primary weakness vulnerability. if the vulnerability is exploited, an attacker may be able to log in to the system as an arbitrary user, allowing them to read or tamper with data in the database, and/or disable the database.

Scoring

CVSS 3.09.8 (CRITICAL)
VectorCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.76% probability of exploitation · percentile 50.6% · 2026-06-19T12:03:05Z
Published2025-05-19
Last modified2026-04-15

Underlying weaknesses· 1

CWE-305

References

  1. https://jvn.jp/en/jp/JVN06238225/
  2. https://www.pgpool.net/mediawiki/index.php/Main_Page#News
  3. https://lists.debian.org/debian-lts-announce/2025/10/msg00014.html

1

TypeTargetConfidenceTier
WeaknessAuthentication Bypass by Primary Weaknesscwe-3050%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-12819
CVE
CVE-2026-2005
CVE
CVE-2025-59468
CVE
CVE-2025-52159
CVE
CVE-2025-2291
CVE
CVE-2025-60118
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.