Vulnerabilities

Report: CVE-2026-32687 - SQL injection via channel name in Postgrex.Notifications.listen/3 and unlisten/3

2026-05-12 0 views admin

CVE ID :CVE-2026-32687 Published : May 12, 2026, 2:18 p.m. | 54 minutes ago Description :Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in elixir-ecto postgrex ('Elixir.Postgrex.Notifications' module) allows SQL Injection. The channel argument passed to 'Elixir.Postgrex.Notifications':listen/3 and 'Elixir.Postgrex.Notifications':unlisten/3 is interpolated directly into LISTEN

CVE Details

CVE ID

CVE-2026-32687

Published

May 12, 2026

Impact: SQL Injection

🏷️ Tags

report32687injectionchannelpostgrexnotificationslistenunlistencvesql injection

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-32687 - SQL injection via channel name in Postgrex.Notifications.listen/3 and unlisten/3

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: Essential Guide: CVE-2026-40016 - Exim ManageSieve CPU Time Limit Bypass Vulnerability

Report: CVE-2026-42006 - Proxmox IMAP Memory Consumption Vulnerability (Arbitrary Bracing) - Guide

Report: CVE-2026-40638 - Dell PowerScale InsightIQ Execution of Code with Unnecessary Privileges - Analysis

Report: CVE-2026-45091 - sealed-env: TOTP secret embedded in unseal token payload (enterprise mode)

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting