Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-2026 — Improper Validation of Specified Type of Input in Pound

CWE-1287 — Improper Validation of Specified Type of Input9 documents8 sources

Severity

7.5HIGHNVD

EPSS

32.7%

top 3.12%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Apsis Pound

Timeline

PublishedDec 31

Latest updateMar 4

Description

Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶Debianapsis/pound< 1.7-1+2

▶NVDapsis/pound6 versions+5

Patches

Patch: secunia.com ↗Patch: security.gentoo.org ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

OSV

postgresql-14, postgresql-16, postgresql-17 vulnerabilities↗2026-03-04

▶

GHSA

GHSA-rrwc-ph65-5p73: Format string vulnerability in the logmsg function in svc↗2022-04-29

▶

CVEList

CVE-2004-2026: Format string vulnerability in the logmsg function in svc↗2005-05-10

▶

OSV

CVE-2004-2026: Format string vulnerability in the logmsg function in svc↗2004-12-31

▶

💥Exploits & PoCs

Exploit-DB

APSIS Pound 1.5 - Remote Format String↗2004-05-03

▶

📋Vendor Advisories

Red Hat

postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code↗2026-02-12

▶

Debian

CVE-2004-2026: pound - Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and ea...↗2004

▶