diff --git a/changelog/@unreleased/pr-6205.v2.yml b/changelog/@unreleased/pr-6205.v2.yml
new file mode 100644
index 00000000000..0e47c972923
--- /dev/null
+++ b/changelog/@unreleased/pr-6205.v2.yml
@@ -0,0 +1,5 @@
+type: improvement
+improvement:
+  description: Bump PostgreSQL driver from 42.3.3 -> 42.4.1 to remediate CVE
+  links:
+  - https://github.com/palantir/atlasdb/pull/6205
diff --git a/versions.lock b/versions.lock
index 3ff363c9c55..b763fc1ffc9 100644
--- a/versions.lock
+++ b/versions.lock
@@ -304,7 +304,7 @@ org.ow2.asm:asm-analysis:5.0.3 (1 constraints: ee09d4b2)
 org.ow2.asm:asm-commons:5.0.3 (1 constraints: ee09d4b2)
 org.ow2.asm:asm-tree:5.0.3 (4 constraints: d8272223)
 org.ow2.asm:asm-util:5.0.3 (1 constraints: ee09d4b2)
-org.postgresql:postgresql:42.3.3 (1 constraints: 3e054f3b)
+org.postgresql:postgresql:42.4.1 (1 constraints: 3d05503b)
 org.reflections:reflections:0.10.2 (1 constraints: 3505253b)
 org.rocksdb:rocksdbjni:7.4.4 (1 constraints: 11051e36)
 org.slf4j:jcl-over-slf4j:1.7.36 (3 constraints: 432fe5ed)
diff --git a/versions.props b/versions.props
index d93a20c3fe6..aeafe413adb 100644
--- a/versions.props
+++ b/versions.props
@@ -88,7 +88,7 @@ uk.org.lidalia:slf4j-test = 1.1.0
 com.datastax.cassandra:cassandra-driver-core = 3.8.0
 com.oracle.database.jdbc:ojdbc11 = 21.5.0.0
 com.palantir.cassandra:* = 2.2.13-1.6.0
-org.postgresql:postgresql = 42.3.3
+org.postgresql:postgresql = 42.4.1
 
 # transitive dep with API breaks in 0.14.0
 org.apache.thrift:libthrift = 0.12.0