VYPR
High severityNVD Advisory· Published Nov 13, 2025· Updated Nov 13, 2025

pgAdmin 4: LDAP injection vulnerability in LDAP authentication flow.

CVE-2025-12764

Description

pgAdmin <= 9.9  is affected by an LDAP injection vulnerability in the LDAP authentication flow that allows an attacker to inject special LDAP characters in the username, causing the DC/LDAP server and the client to process an unusual amount of data DOS.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
pgadmin4PyPI
< 9.109.10

Affected products

17

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.