CVE-2026-29089 · HIGH 8.8 · EPSS p3.4%


Description

TimescaleDB is a time-series database for high-performance real-time analytics, packaged as a PostgreSQL extension. PostgreSQL resolves unqualified database objects (tables, functions, operators) through the search_path setting. In TimescaleDB versions 2.23.0 through 2.25.1, if the search_path includes a user-writable schema, a malicious user can create functions in that schema that shadow built-in PostgreSQL functions; the shadowing functions are then called in place of the built-in ones during the extension upgrade, leading to arbitrary code execution. This issue has been patched in version 2.25.2.

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS: 0.14% probability of exploitation · percentile 3.4% · 2026-06-18T12:00:27Z
Published: 2026-03-06
Last modified: 2026-03-18

Underlying weaknesses · 1

CWE-426

References

  1. https://github.com/timescale/timescaledb/commit/9a8f7f8bdeb99e6abae0786ffe526791a8628ce3
  2. https://github.com/timescale/timescaledb/pull/9331
  3. https://github.com/timescale/timescaledb/releases/tag/2.25.2
  4. https://github.com/timescale/timescaledb/security/advisories/GHSA-vgp2-jj5c-828m

Type     | Target                           | Confidence | Tier
Weakness | Untrusted Search Path (CWE-426)  | 0%         | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2026-2360
CVE: CVE-2026-2004
CVE: CVE-2026-2361
CVE: CVE-2026-2006
CVE: CVE-2026-6637
CVE: CVE-2025-12819
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.