Issue Details
Security assessments and vulnerability scans may report multiple high‑severity vulnerabilities affecting PostgreSQL version 16.10. These vulnerabilities have been publicly disclosed and are tracked under the following CVE identifiers:
CVE‑2025‑8714
CVE‑2025‑8715
CVE‑2025‑12818
If left unpatched, these vulnerabilities may expose PostgreSQL deployments to security risks, failed compliance checks, or policy violations in hardened environments. Systems running PostgreSQL 16.10 must apply the appropriate security updates to remediate these findings.
Solution
To remediate the reported PostgreSQL 16.10 security vulnerabilities, upgrade PostgreSQL using the latest official installer.
Resolution Steps
- Download the latest PostgreSQL installer from the official EnterpriseDB website: https://www.enterprisedb.com/downloads/postgres-postgresql-downloads
- Run the installer you downloaded.
- When prompted during setup, you may unselect optional components, such as:
  - pgAdmin
  - Stack Builder
- During installation, the installer will automatically detect the existing PostgreSQL installation.
  What you should see:
  - A message indicating that an existing PostgreSQL version was found
  - The detected installation path
- Select Next to proceed. The installer will then detect the existing data directory (DB path).
  What this means:
  - Existing databases and configurations are preserved
  - No manual data migration is required
- Complete the installation by following the remaining on‑screen prompts.
- Once the installation is complete, reboot the system to ensure all updates are fully applied.
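A post-upgrade check, added here as an example and not part of the original article or any vendor tooling: it parses version banners collected from each host (`psql -V`, `postgres -V` or `SELECT version()`) and reports which hosts are still at or below the flagged 16.10. The host names, sample banners and function names are assumptions made for illustration.

```python
import re

# Release the page says scanners flag. The page does not name the fixed
# release, so this check only confirms a host has moved past 16.10.
FLAGGED_MAJOR, FLAGGED_MINOR = 16, 10

# Matches `psql -V` / `postgres -V` ("psql (PostgreSQL) 16.10") and
# `SELECT version()` ("PostgreSQL 16.10, compiled by ...").
_BANNER_RE = re.compile(r"PostgreSQL\)?\s+(\d+)\.(\d+)")


def parse_pg_version(banner):
    """Return (major, minor) as integers from a version banner."""
    match = _BANNER_RE.search(banner)
    if match is None:
        raise ValueError(f"no PostgreSQL version found in {banner!r}")
    return int(match.group(1)), int(match.group(2))


def classify(banner):
    """Classify one host against the flagged release.

    Integers are compared, never floats or strings: float("16.10") is 16.1,
    which sorts below 16.9 and would report an unpatched 16.9 as newer.
    """
    major, minor = parse_pg_version(banner)
    if major != FLAGGED_MAJOR:
        return "other-series"   # outside the scope of this page; review separately
    if minor <= FLAGGED_MINOR:
        return "needs-upgrade"  # 16.10 itself, or an older 16.x minor
    return "upgraded"


def audit(banners):
    """Map each host name to its classification."""
    return {host: classify(text) for host, text in banners.items()}


# Constructed sample inventory (host names and banners are illustrative).
SAMPLE_BANNERS = {
    "db-01": "psql (PostgreSQL) 16.10",
    "db-02": "PostgreSQL 16.9, compiled by Visual C++ build 1942, 64-bit",
    "db-03": "postgres (PostgreSQL) 16.11",
    "db-04": "psql (PostgreSQL) 17.6",
}

if __name__ == "__main__":
    for host, status in audit(SAMPLE_BANNERS).items():
        print(f"{host}: {status}")
```

Run it against banners gathered after the reboot; any host still reported as `needs-upgrade` did not pick up the new binaries.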