E.1. Release 13.23

Release date: 2025-11-13

This release contains a variety of fixes from 13.22. For information about new features in major release 13, see Section E.24.

This is expected to be the last PostgreSQL release in the 13.X series. Users are encouraged to update to a newer release branch soon.

E.1.1. Migration to Version 13.23

A dump/restore is not required for those running 13.X.

However, if you are upgrading from a version earlier than 13.21, see Section E.3.

E.1.2. Changes

  • Check for CREATE privileges on the schema in CREATE STATISTICS (Jelte Fennema-Nio) §

    This omission allowed table owners to create statistics in any schema, potentially leading to unexpected naming conflicts.

    The PostgreSQL Project thanks Jelte Fennema-Nio for reporting this problem. (CVE-2025-12817)

  • Avoid integer overflow in allocation-size calculations within libpq (Jacob Champion) §

    Several places in libpq were not sufficiently careful about computing the required size of a memory allocation. Sufficiently large inputs could cause integer overflow, resulting in an undersized buffer, which would then lead to writing past the end of the buffer.

    The PostgreSQL Project thanks Aleksey Solovev of Positive Technologies for reporting this problem. (CVE-2025-12818)
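
    The failure mode described in this entry, as an added example that is not PostgreSQL or libpq code: a worst-case buffer size of 2*len+1 computed without a check wraps around for very large len, while the checked form refuses the request. The function names and the quote-doubling routine are hypothetical, chosen only for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not a libpq function). Unsafe pattern: worst-case
 * escaped size 2*len+1 with no overflow check. Unsigned arithmetic wraps
 * silently, so a huge len yields a tiny size. */
static size_t unchecked_escape_size(size_t len)
{
    return 2 * len + 1;
}

/* Hardened pattern: fail when 2*len+1 cannot be represented in size_t. */
static bool checked_escape_size(size_t len, size_t *out)
{
    if (len > (SIZE_MAX - 1) / 2)
        return false;
    *out = 2 * len + 1;
    return true;
}

/* Double each single quote in in[0..len); returns a malloc'd string or NULL. */
static char *escape_quotes(const char *in, size_t len)
{
    size_t need, o = 0;
    char *buf;
    if (!checked_escape_size(len, &need) || (buf = malloc(need)) == NULL)
        return NULL;
    for (size_t i = 0; i < len; i++) {
        if (in[i] == '\'')
            buf[o++] = '\'';
        buf[o++] = in[i];
    }
    buf[o] = '\0';              /* o <= 2*len, so the terminator fits */
    return buf;
}

int main(void)
{
    const char *in = "it's";               /* constructed sample input */
    size_t huge = SIZE_MAX / 2 + 1, n = 0; /* a length only, never allocated */
    char *s = escape_quotes(in, strlen(in));
    printf("unchecked size: %zu\n", unchecked_escape_size(huge)); /* wraps */
    printf("checked ok: %d\n", checked_escape_size(huge, &n));
    printf("escaped: %s\n", s ? s : "(null)");
    free(s);
    return 0;
}
```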

  • Further fix processing of character classes within SIMILAR TO regular expressions (Laurenz Albe) §

    The previous fix for translating SIMILAR TO pattern matching expressions to POSIX-style regular expressions broke a corner case that formerly worked: if there is an escape character right after the opening bracket and then a closing bracket right after the escape sequence (for example [\w]), the closing bracket was no longer seen as terminating the character class.

  • Fix parsing of aggregate functions whose arguments contain a sub-select with a FROM reference to a CTE outside the aggregate function (Tom Lane) §

    Such a CTE reference must act like an outer-level column reference when determining the aggregate's semantic level; but it was not being accounted for, leading to obscure planner or executor errors.

  • Fix "no relation entry for relid" errors in corner cases while estimating SubPlan costs (Richard Guo) §

  • Remove faulty assertion in btree index cleanup (Peter Geoghegan) §

  • Fix possible infinite loop in GIN index scans with multiple scan conditions (Tom Lane) §

    GIN can handle scan conditions that can reject non-matching entries but are not useful for searching for relevant entries, for example a tsquery clause like !term. But such a condition must not be first in the array of scan conditions. The code failed to ensure that in all cases, with the result that a query having a mix of such conditions with normal conditions might work or not depending on the order in which the conditions were given in the query.

  • Ensure that GIN index scans can be canceled (Tom Lane) §

    Some code paths were capable of running for a long time without checking for interrupts.

  • Ensure that BRIN autosummarization provides a snapshot for index expressions that need one (Álvaro Herrera) § §

    Previously, autosummarization would fail for such indexes, and then leave placeholder index tuples behind, causing the index to bloat over time.

  • Fix integer-overflow hazard in BRIN index scans when the table contains close to 2^32 pages (Sunil S) §

    This oversight could result in an infinite loop or scanning of unneeded table pages.

  • Fix incorrect zero-extension of stored values in JIT-generated tuple deforming code (David Rowley) §

    When not using JIT, the equivalent code does sign-extension not zero-extension, leading to a different Datum representation of small integer data types. This inconsistency was masked in most cases, but it is known to lead to "could not find memoization table entry" errors when using Memoize plan nodes, and there might be other symptoms.

  • Add missing EvalPlanQual rechecks for TID Scan and TID Range Scan plan nodes (Sophie Alpert, David Rowley) §

    This omission led to possibly not rechecking a condition on ctid during concurrent-update situations, causing the update's behavior to vary depending on which plan type had been selected.

  • Fix EvalPlanQual handlin