Skip to main content
Technical advisories report major issues with CockroachDB or the CockroachDB Cloud platform that may impact security or stability in production environments. Users are invited to evaluate advisories and consider the recommended mitigation actions independently from their version upgrade schedule. Get future technical advisories emailed to you:
AdvisorySummaryAffected versionsDate
Two privilege escalation vulnerabilities were identified in CockroachDB that could allow authenticated users to gain elevated privileges beyond those assigned to their account.All CockroachDB versions before v26.1.2, v25.4.7, v25.2.16, v24.3.30, v24.1.27, v23.2.30May 20, 2026
A bug in CockroachDB can cause partial index corruption when a partial index is backfilled on a table with multiple column families while concurrent updates are occurring.v24.1.0 to v24.1.27, v24.2, v24.3.0 to v24.3.30, v25.1, v25.2.0 to v25.2.16, v25.3, v25.4.0 to v25.4.8, v26.1.0 to v26.1.2, v26.2.0-alpha.1 to v26.2.0-beta.1April 20, 2026
A race condition between MVCC garbage collection and range splits in CockroachDB can, under specific and unlikely circumstances, result in the deletion of live data. This issue affects CockroachDB v23.1 and later. Patches are available for all supported versions. Customers are encouraged to upgrade to a patched version or apply the mitigation described below.v23.1.0 and later, v23.2.0 through v23.2.28, v24.1.0 through v24.1.25, v24.3.0 through v24.3.26, v25.2.0 through v25.2.12, v25.3.0 and later, v25.4.0 through v25.4.4February 19, 2026
A bug in CockroachDB’s AVRO data import functionality can result in silent data loss when importing AVRO data using Object Container File (OCF) format. Storage backend errors (such as S3 read failures) might be silently ignored during these IMPORT operations, resulting in incomplete data imports without any error being reported to the user.v20.1 to v24.2, v24.3.0 to v24.3.25, All versions of v25.1, v25.2.0 to v25.2.11, v25.3.0 to v25.3.7, v25.4.0 to v25.4.3, All testing versions of v26.1 through v26.0-beta.3February 11, 2026
On rare occasions, when object storage providers used for backups experience intermittent issues resulting in write failures, backup jobs may report completing successfully without backing up all datav24.1.0 to v24.1.21, v24.3.0 to v24.3.16, v25.1.0 to v25.1.9, v25.2.0 to v25.2.3, testing versions of v25.3 through v25.3.0-rc.1August 4, 2025
In rare cases, some bulk write operations could succeed without ingesting all expected data.v23.2.0 to v23.2.23, v24.1.0 to v24.1.16, all versions of v24.2, v24.3.0 to v24.3.10, v25.1.0 to v25.1.4, testing versions of v25.2 through v25.2.0-beta.1April 28, 2025
Diagnostics reporting, if enabled for a cluster, may have sent OIDC credentials stored in cluster settings to a secure, limited access Cockroach Labs telemetry database. The payload would have contained a unique cluster ID, and no publicly identifiable customer information.v20.2, v21.1, v21.2, v22.1, v22.2, v23.1.0 to v23.1.28, v23.2.0 to 23.2.13, v24.1.0 to v24.1.6, v24.2.0 to v24.2.4, v24.3.0-alpha.1+October 25, 2024
During a sustained period of disk slowness in the presence of lease transfers, it is possible for some writes in a transaction that straddle multiple ranges to be lost.v22.2, v23.1.0 to v23.1.26, v23.2.0 to v23.2.10, v24.1.0October 8, 2024
Changefeeds could emit events on the same row out of order in some cases.v23.1, v23.2.0 to v23.2.9, v24.1.0 to v24.1.3, and testing versions of v24.2 through v24.2.0-beta.3September 3, 2024
Changefeeds could drop events during the initial scan in some cases, causing changefeed consumers to receive incomplete data.v22.2, v23.1.0 to v23.1.21, v23.2.0 to v23.2.5, and testing versions of v24.1 through v24.1.0-rc.1June 17, 2024
In rare cases, a rangefeed bug may cause a checkpoint to be emitted prematurely, before all writes below the checkpoint timestamp have been emitted.v2.1.11 to v22.2.17, v23.1.0 to v23.1.14, v23.2.0February 21, 2024
A bug could cause a query plan to skip scanning rows from the local region when performing a lookup join with a REGIONAL BY ROW table as the input.v23.1.0 to v23.1.12, and pre-release versions v23.1.0-beta.1, v23.1.0-beta.2, v23.1.0-beta.3, v23.1.0-rc.1, and v23.1.0-rc.2December 5, 2023
Queries reading a table that uses at least one explicit column family in its definition and was restored from a backup using version v22.2.7 to v22.2.13 or v23.1.0 to v23.1.8 may return errors or incorrect results.v22.2.7 to v22.2.13, v23.1.0 to v23.1.8September 22, 2023
Clusters using row-level TTL and upgraded from v22.2.x to 23.1.9 may experience nodes crashing due to the erroneous deletion of a necessary metadata field.Clusters running v22.2.x upgrading to v23.1.9September 12, 2023
When the encryption-at-rest registry rolls over, the append-only log file contains a bug that could result in loss of the store.v21.2.x, ≤ 22.1.21, ≤ 22.2.12, ≤ 23.1.7August 15, 2023
When adding a new column using the new declarative schema changer, CockroachDB retrieves a unique secondary index mistakenly, assuming it to be a primary index.v22.2.x, v23.1.0 to v23.1.5July 18, 2023
Inserting rows into a multi-column-family table with COPY can corrupt the table, making future reads fail with internal errors.v23.1.0-alpha.1 to v23.1.0May 16, 2023
Some customers may experience spurious privilege errors when trying to run queries due to a bug in the query cache.v22.1.19 and v22.2.8May 11, 2023
In specific circumstances, a RESTORE operation may restore incorrect data from a backup that contains incorrect metadata related to revision history.v22.2.0 to v22.2.8 and v22.1.0 to 22.1.19May 9, 2023
After upgrading to CockroachDB v22.2.0-v22.2.7, a bug could cause primary index corruption when an ALTER TABLE..ADD COLUMN statement executes concurrently with an UPDATE or INSERT command, and the schema change fails and is rolled back.v22.2.0 to v22.2.7April 17, 2023
Non-admin SQL users with an authenticated HTTP session could download statement diagnostic bundles given a bundle URL from the DB Console or SQL shell with a valid HTTP session cookie.v21.2.x, v22.1.0 to v22.1.16, v22.2.0 to v22.2.6March 29, 2023
A restore job can potentially skip some data files upon resumption of an in-progress RESTORE, which could lead to missing rows after the job succeeds.v22.2.6March 29, 2023
The SCRAM protocol had a high default hash count causing connection latency spikes for clients running on limited CPU.v22.2.0 to v22.2.6March 29, 2023
Queries planned with a zigzag join could produce incorrect results if the two indexes used for the join had a matching suffix of index key columns where the direction was different between the two indexes.v19.1 to v22.1.15, v22.2.0 to v22.2.5March 6, 2023
When executing ALTER TABLE DROP COLUMN of a column used in a partial index, all DML statements referencing the table fail with an error during the delete-only phase.v20.2.0 to v22.1.15, v22.2.0-v22.2.5March 6, 2023
Altering a non-empty table to add a column with a DEFAULT expression in which the type of the expression did not match the type of the new column could cause the column to become corrupted.v22.2.0-alpha.1 to v22.2.3March 1, 2023
Clusters that are upgraded to v22.2.4 when a previous upgrade to v22.2.x has not been finalized exhibit a bug that prevents non-admin users from connecting to the cluster.v22.2.4February 16, 2023
The global NOSQLLOGIN privilege does not restrict SQL access as it should.v22.2.0-v22.2.3February 6, 2023
CockroachDB may display higher than expected values for histogram metrics when calculating quantiles.v22.2.0 - v22.2.3January 27, 2023
CockroachDB Cloud users with the Developer role could perform SQL admin-like operations using a specific internal DB Console API.CockroachDB Cloud from November 2022 - January 2023January 18, 2023
CockroachDB crashes when a user-defined function is created using any implicit record type which contains a column of user-defined ENUM type as the function’s parameter type or return type.v22.2.0 and v22.2.1January 4, 2023
Changefeeds using the initial_scan=‘only’ or schema_change_policy=‘stop’ options may incorrectly complete with a successful status under certain circumstances.v22.1.6 to v22.1.9December 20, 2022
A RESTORE of an incremental backup may include rows that should not be restored, in a narrow set of circumstances relating to an ongoing IMPORT INTO job.v22.1.0 to v22.1.8 and v21.2.0 to v21.2.16October 24, 2022
A query with ORDER BY and LIMIT clauses could return incorrect results if it scanned a multi-column index containing the ORDER BY columns, and a prefix of the index columns was held fixed to two or more constant values by the query filter or schema.v22.1.0 to v22.1.8October 17, 2022
Querying a REGIONAL BY ROW or partitioned multi-region table could produce incorrect results if the query has a LIMIT of less than 100,000 and uses an inverted index.v22.1.0 to v22.1.7September 29, 2022
Multi-region tables whose locality has been altered to REGIONAL BY ROW are at risk of being corruptedv22.1.0 to v22.1.3July 19, 2022
Adding a column to a table which references a sequence, or creating a table with columns referencing sequences, adds an incomplete back-reference to the sequence metadata.v22.1.0 to v22.1.2July 18, 2022
If a CREATE MATERIALIZED VIEW statement fails, all objects referenced in its SELECT query will be unusable.v21.2.0 to v21.2.12, v22.1.0July 18, 2022
Secondary indexes containing columns that are not null, have a volatile default expression, and are present in one or more secondary indexes will have inconsistent values relative to the primary index, which can lead to incorrect query results.v21.1.x, v21.2.0 to v21.2.12, v22.1.0June 28, 2022
Left outer joins and correlated subqueries can produce incorrect results.v22.1.0June 6, 2022
During or after an upgrade from CockroachDB v21.2.x to v22.1.0, existing changefeeds will stop emitting data.v22.1.0-alpha.1 to v22.1.0June 3, 2022
Prepared SELECT queries that filter a column with a constant casted to the wrong type fail to return the expected resultsv21.2.0 to v21.2.10, v22.1.0-alpha.1 to v22.1.0May 23, 2022
Data key rotation is inadvertently disabled if the store key hasn’t changed since the last node startAll clusters with encryption-at-rest enabled running versions of CockroachDB v20.2.x, v21.1.0 to v21.1.18, and v21.2.0 to v21.2.9.May 2, 2022
The optimizer has been found to create logically incorrect query plans in some cases.v21.1.0 to v21.1.17, v21.2.0 to v21.2.8, v22.1.0-alpha.1 to v22.1.0-beta.1April 14, 2022
Importing duplicate keys can cause violations of UNIQUE constraintsv21.2.0 to v21.2.7, 22.1.0-alpha.1-22.1.0-alpha.5, v22.1.0-beta.1.April 12, 2022
The optimizer has been found to create logically incorrect query plans in some cases.v21.1.0 to v21.1.16, v21.2.0 to v21.1.7, 22.1.0-alpha.1-22.1.0-alpha.5April 11, 2022
The optimizer can omit ON conditions of joins in query plans, causing incorrect results.v20.2.0 to v20.2.19, v21.1.0 to v21.1.15, v21.2.0 to v21.2.6March 9, 2022
Users without the appropriate permissions may cancel any other users’ sessions from the DB Consolev20.2.0 to v20.2.18, v21.1.0 to v21.1.13, v21.2.0 to v21.2.4February 10, 2022
Queries can miss rows in a primary or unique index that is being scanned, causing incorrect query results.v21.2.0 to v21.2.4February 7, 2022
Partial indexes can be corrupted by UPDATE statements, resulting in incorrect query results for any queries that use the partial indexv21.1 and v21.2 prior to v21.1.13 and v21.2.4January 6, 2022
No Cockroach Labs products or services are affected by the recent CVE-2021-44228 Apache Log4j vulnerability.NoneDecember 14, 2021
Planning queries over partitioned tables with a DEFAULT partition in a PARTITION BY LIST clause could cause a spurious internal errorv21.1 and v21.2 prior to v21.1.13 and v21.2.3December 14, 2021
The optimizer could plan queries that use semi-joins against multi-region REGIONAL BY ROW tables incorrectlyv21.2.0November 29, 2021
Backups fail during upgrade processv21.2.0November 18, 2021
SQL statements that used secondary unique indexes that were created as a result of an ALTER PRIMARY KEY statement can return incorrect results.v20.2, v21.1November 8, 2021
Zigzag joins could potentially produce incorrect resultsv19.2, v20.1, v20.2, v21.1November 2, 2021
CockroachDB v21.1.9 drops WHERE predicates from prepared statements in specific circumstancesv21.1.9October 7, 2021
CockroachDB v21.1.8 can not be downgradedv21.1.8September 7, 2021
sql.trace.txn.enable\_threshold cluster setting causes crash loopsv21.1.0 to v21.1.6August 20, 2021
TRUNCATE TABLE during CREATE/ALTER INDEX can cause data corruptionv20.2.0 to v20.2.8July 29, 2021
Race condition between reads and replica removalv20.1 and laterMay 3, 2021
Invalid incremental backups under certain circumstancesv19.1.0 to v19.1.11, v19.2.0 to v19.2.12, v20.1.0 to v20.1.14, v20.2.0 to v20.2.7April 30, 2021
HTTP requests can cause full-cluster denial of service (DoS)v19.2.0 to v19.2.11, v20.1.0 to v20.1.10, v20.2.0 to v20.2.3February 2, 2021
Incorrect timezone calculations with “slim” zoneinfo formatAllOctober 29, 2020
Incorrect behavior with large batch UPSERTsv20.1.4, v20.1.5September 24, 2020
TRUNCATE prevents table renamingv19.1.0 to v19.1.10, v19.2.0 to v19.2.8July 6, 2020
Data corruption/loss issue with snapshots and delete rangev2.1.0 to v2.1.9, v19.1.0 to v19.1.8, v19.2.0 to v19.2.6May 20, 2020
Data leak in statement detailsv2.1.0 to v2.1.11, v19.1.0 to v19.1.7, v19.2.0 to v19.2.3February 12, 2020
Schema changes may cause cluster unavailabilityv19.1.0 to v19.1.7, v19.2.0 to v19.2.3February 12, 2020
SHOW JOBS and Jobs page can endanger cluster stabilityv19.2.0 to v19.2.2February 12, 2020
HTTP authentication for non-Enterprise usersv2.1.10-onward, v19.1.6-onward, v19.2.2January 22, 2020
HTTP endpoint vulnerabilityv2.1.0 to v2.1.8, v19.1.0 to v19.1.5, v19.2.0 to v19.2.1January 22, 2020
Authentication bypass for internal RPCsv1.1.0 to v1.1.8, v2.0.0 to v2.0.4October 1, 2018