Jackc: community verdicts
3 notable / known-exploited Jackc CVEs the community has triaged.
ⓘ Not an exhaustive list: we focus on the findings that matter (exploited / notable). For every Jackc CVE, see NVD ↗.
- CVE-2026-33815CRIT 9.8Real · low riskEPSS 1%
Memory-safety vulnerability in github.com/jackc/pgx/v5.
- CVE-2026-33816CRIT 9.8Real · low riskEPSS 1%
Memory-safety vulnerability in github.com/jackc/pgx/v5.
- CVE-2026-32286HIGH 7.5Real · low riskEPSS 0%
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic.