CVE-2026-54291 in pgjdbc
Summary
by MITRE • 07/06/2026
pgjdbc is an open source postgresql JDBC Driver. In releases 42.7.4 through 42.7.11, channelBinding=require connections can be silently downgraded from SCRAM-SHA-256-PLUS with channel binding to plain SCRAM-SHA-256 without it, losing the man-in-the-middle protection the setting is meant to guarantee. An attacker who can intercept the TLS connection can trigger the downgrade with a certificate whose signature algorithm has no tls-server-end-point channel-binding hash, because the bundled com.ongres.scram:scram-client returns an empty byte array instead of failing and pgJDBC ScramAuthenticator checks only that the server advertised a PLUS mechanism, without rejecting the empty binding or checking that the negotiated mechanism uses channel binding. This issue is fixed in version 42.7.12.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 07/06/2026
The pgjdbc JDBC driver vulnerability affects versions 42.7.4 through 42.7.11 where channel binding enforcement can be silently bypassed during SCRAM-SHA-256-PLUS authentication. This represents a critical security flaw that undermines the intended man-in-the-middle protection mechanisms. The vulnerability stems from improper handling of channel binding data during the authentication process, specifically when connections are configured with channelBinding=require settings. When an attacker intercepts the TLS connection, they can manipulate the authentication negotiation to downgrade from SCRAM-SHA-256-PLUS with channel binding to plain SCRAM-SHA-256 without it, effectively nullifying the security guarantees that channel binding is designed to provide.
The technical implementation flaw occurs in the interaction between the com.ongres.scram:scram-client library and pgJDBC's ScramAuthenticator component. The scram-client library returns an empty byte array for certificate signature algorithms that lack tls-server-end-point channel-binding hash information, rather than failing the authentication attempt as would be appropriate. Meanwhile, pgJDBC's ScramAuthenticator performs only a basic check to verify that the server advertised a PLUS mechanism without validating whether the negotiated mechanism actually employs channel binding or whether the channel binding data is valid and non-empty. This design gap creates an exploitable condition where downgrade attacks can succeed silently without alerting the client application to the security compromise.
The operational impact of this vulnerability is significant as it allows attackers to perform man-in-the-middle attacks against database connections that should be protected by channel binding. The downgrade attack specifically targets the TLS connection interception scenario where an attacker can manipulate the certificate validation process to trigger the silent downgrade from secure SCRAM-SHA-256-PLUS to insecure SCRAM-SHA-256 authentication. This vulnerability affects any application using pgjdbc with channelBinding=require configuration, potentially allowing attackers to capture credentials or perform unauthorized database operations without detection. The issue is particularly dangerous because it operates silently, meaning that applications may continue to function normally while security protections are effectively disabled.
This vulnerability aligns with CWE-310 (Cryptographic Issues) and specifically relates to improper certificate validation and channel binding implementation. From an ATT&CK perspective, this maps to techniques involving credential access through man-in-the-middle attacks and protocol manipulation. The fix implemented in version 42.7.12 addresses the core issue by ensuring that pgJDBC properly validates channel binding data and rejects empty or invalid channel binding information during authentication negotiation. The updated implementation requires more robust validation of the channel binding mechanism and prevents downgrade attacks that exploit the interaction between the scram-client library and the ScramAuthenticator component, thereby restoring the intended security guarantees for connections configured with channelBinding=require settings.
The root cause analysis reveals a fundamental flaw in the validation logic where the system assumes that merely advertising a PLUS mechanism is sufficient to guarantee secure authentication, without properly verifying that channel binding is actually enforced. This vulnerability demonstrates the importance of proper cryptographic protocol implementation and the necessity of validating all aspects of security mechanisms rather than relying on partial checks. The fix represents a critical security improvement that ensures authentication mechanisms operate as intended, preventing attackers from exploiting implementation gaps in channel binding validation to undermine database security controls. Organizations using affected pgjdbc versions should immediately upgrade to 42.7.12 or later to remediate this vulnerability and maintain the integrity of their database authentication processes.