pgadmin4 (pgadmin.org, pypi): 33 CVEs
Recent CVEs
| CVE | Severity | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|---|
| CVE-2026-12046 | Important | 0.59 | 9.0 | 0.01 | Jun 18, 2026 | pgadmin4: pgAdmin 4: Remote Code Execution due to missing authentication on critical functions |
| CVE-2026-12045 | Important | 0.59 | 9.0 | 0.01 | Jun 18, 2026 | pgadmin4: pgAdmin 4: Remote code execution via prompt injection in AI Assistant |
| CVE-2026-7813 | Critical | 0.57 | 9.9 | 0.00 | May 11, 2026 | Authorization vulnerability in pgAdmin 4 server mode affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules. Multiple endpoints fetched user-owned objects without filtering by the requesting user's identity. An authenticated user could… |
| CVE-2026-7816 | High | 0.50 | 8.8 | 0.01 | May 11, 2026 | OS command injection (CWE-78) vulnerability in pgAdmin 4 Import/Export query export. User-supplied input was interpolated directly into a psql \copy metacommand template without sanitization. An authenticated user could inject ") TO PROGRAM 'cmd'" to break out of the \copy… |
| CVE-2026-7815 | High | 0.50 | 8.8 | 0.00 | May 11, 2026 | SQL injection vulnerability in pgAdmin 4 Maintenance Tool. Four user-supplied JSON fields (buffer_usage_limit, vacuum_parallel, vacuum_index_cleanup, reindex_tablespace) were concatenated directly into the rendered VACUUM/ANALYZE/REINDEX command and passed to psql --command. An… |
| CVE-2026-7819 | High | 0.46 | 8.1 | 0.00 | May 11, 2026 | Symbolic-link path traversal (CWE-61, CWE-22) in pgAdmin 4 File Manager. check_access_permission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link… |
| CVE-2026-7818 | High | 0.39 | 7.0 | 0.00 | May 11, 2026 | Deserialization of untrusted data (CWE-502) in pgAdmin 4 FileBackedSessionManager. The session manager performed unsafe deserialization of session-file contents (using Python's standard object-serialization module) before performing any HMAC integrity check. Any file dropped… |
| CVE-2026-7820 | Medium | 0.35 | 6.5 | 0.00 | May 11, 2026 | Improper restriction of excessive authentication attempts (CWE-307) in pgAdmin 4. pgAdmin enforces MAX_LOGIN_ATTEMPTS only inside its custom /authenticate/login view. Flask-Security's default /login view, which is registered automatically by security.init_app() and is reachable… |
| CVE-2026-7817 | Medium | 0.35 | 6.5 | 0.00 | May 11, 2026 | Local file inclusion (LFI) and server-side request forgery (SSRF) vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied api_key_file and api_url preferences were passed to the LLM provider clients without validation. An authenticated user could read… |
| CVE-2026-12047 | Moderate | 0.30 | 4.6 | 0.00 | Jun 18, 2026 | pgadmin4: pgAdmin 4: HTML injection via unsanitized SDK exception messages in cloud deployment module |
| CVE-2026-7814 | Medium | 0.24 | 4.8 | 0.00 | May 11, 2026 | Stored cross-site scripting (XSS) vulnerability in pgAdmin 4 Browser Tree and Explain Visualizer modules. User-controlled PostgreSQL object names (database, schema, table, column, etc.) were assigned to DOM elements via innerHTML, allowing crafted object names containing HTML… |
| CVE-2026-12050 | Moderate | 0.21 | 4.3 | 0.00 | Jun 18, 2026 | pgadmin4: pgAdmin 4: Arbitrary SQL execution via SQL injection in restore point endpoint |
| CVE-2026-12049 | Low | 0.16 | 3.5 | 0.00 | Jun 18, 2026 | pgAdmin 4: pgAdmin 4: Open redirect vulnerability in multi-factor authentication can lead to phishing |
| CVE-2024-9014 | — | 0.07 | — | 0.10 | Sep 23, 2024 | pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data. |
| CVE-2024-2044 | — | 0.02 | — | 0.79 | Mar 7, 2024 | pgAdmin <= 8.3 is affected by a path-traversal vulnerability while deserializing users’ sessions in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server… |
| CVE-2024-3116 | — | 0.01 | — | 0.65 | Apr 4, 2024 | pgAdmin <= 8.4 is affected by a Remote Code Execution (RCE) vulnerability through the validate binary path API. This vulnerability allows attackers to execute arbitrary code on the server hosting PGAdmin, posing a severe risk to the database management system's integrity and… |
| CVE-2026-12048 | — | 0.00 | — | 0.00 | Jun 18, 2026 | Stored cross-site scripting in pgAdmin 4's error-rendering and plan-node-rendering paths. Text returned by a PostgreSQL server (ErrorResponse messages, including object names quoted back inside relation-does-not-exist errors and inside EXPLAIN Recheck Cond / Exact Heap Blocks… |
| CVE-2026-12044 | — | 0.00 | — | 0.01 | Jun 18, 2026 | SQL injection in pgAdmin 4 across every dialog template that renders ``COMMENT ON ... IS ''`` for a user-supplied description field. The Jinja templates for Domains (and their constraints), Foreign Tables, Languages, and Event Triggers, plus the Views OID-lookup… |
| CVE-2026-1707 | — | 0.00 | — | 0.00 | Feb 5, 2026 | pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. An attacker with access to the pgAdmin web interface can observe an active restore… |
| CVE-2025-13780 | — | 0.00 | — | 0.01 | Dec 11, 2025 | pgAdmin versions up to 9.10 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting… |
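The CVE-2026-7815 entry describes four JSON fields concatenated into a VACUUM/ANALYZE/REINDEX command that is handed to psql --command. The example below is added here to show the difference between that pattern and a renderer that validates each field by its type: it is illustrative code written for this page, not pgAdmin's own maintenance module, and the function names, the allowlist of INDEX_CLEANUP values, the size pattern and the worker cap are assumptions for the example.

```python
import re
from typing import List, Optional

# Allowed values for the option-valued fields (assumed for this example;
# check the VACUUM/REINDEX docs for the server version you target).
INDEX_CLEANUP_VALUES = {"AUTO", "ON", "OFF"}
SIZE_RE = re.compile(r"[0-9]{1,9}(?:kB|MB|GB)?")  # e.g. 256kB, 1MB, 2048
MAX_PARALLEL_WORKERS = 1024


class BadInput(ValueError):
    """Raised for any field that fails validation; the caller answers HTTP 400."""


def quote_ident(name: str) -> str:
    """Double-quote an SQL identifier, doubling embedded quotes, the way
    PostgreSQL's quote_ident() does. Quoting unconditionally is valid SQL and
    simpler than deciding when a name needs it."""
    if not name or "\x00" in name:
        raise BadInput("invalid identifier")
    return '"' + name.replace('"', '""') + '"'


def render_vacuum_vulnerable(schema: str, table: str, opts: dict) -> str:
    """The pattern the advisory describes (illustrative, not pgAdmin's code):
    JSON fields dropped straight into the command string."""
    parts = []
    if "buffer_usage_limit" in opts:
        parts.append("BUFFER_USAGE_LIMIT '" + str(opts["buffer_usage_limit"]) + "'")
    if "vacuum_parallel" in opts:
        parts.append("PARALLEL " + str(opts["vacuum_parallel"]))
    if "vacuum_index_cleanup" in opts:
        parts.append("INDEX_CLEANUP " + str(opts["vacuum_index_cleanup"]))
    return "VACUUM (" + ", ".join(parts) + ") " + schema + "." + table + ";"


def render_vacuum_hardened(schema: str, table: str, opts: dict) -> str:
    """Every field is type-checked, matched against a strict pattern,
    allowlisted, or quoted as an identifier before it touches the command."""
    parts = []
    if "buffer_usage_limit" in opts:
        size = str(opts["buffer_usage_limit"])
        if not SIZE_RE.fullmatch(size):
            raise BadInput("buffer_usage_limit must be an integer with optional kB/MB/GB unit")
        parts.append(f"BUFFER_USAGE_LIMIT '{size}'")
    if "vacuum_parallel" in opts:
        workers = opts["vacuum_parallel"]
        # bool is a subclass of int in Python, so exclude it explicitly
        if (isinstance(workers, bool) or not isinstance(workers, int)
                or not 0 <= workers <= MAX_PARALLEL_WORKERS):
            raise BadInput("vacuum_parallel must be a non-negative integer")
        parts.append(f"PARALLEL {workers}")
    if "vacuum_index_cleanup" in opts:
        mode = str(opts["vacuum_index_cleanup"]).upper()
        if mode not in INDEX_CLEANUP_VALUES:
            raise BadInput("vacuum_index_cleanup must be one of AUTO, ON, OFF")
        parts.append(f"INDEX_CLEANUP {mode}")
    target = f"{quote_ident(schema)}.{quote_ident(table)}"
    return f"VACUUM ({', '.join(parts)}) {target};" if parts else f"VACUUM {target};"


def render_reindex_hardened(schema: str, table: str, tablespace: Optional[str] = None) -> str:
    """reindex_tablespace names an object, so it is quoted as an identifier
    rather than pattern-matched."""
    option = f"(TABLESPACE {quote_ident(tablespace)}) " if tablespace else ""
    return f"REINDEX {option}TABLE {quote_ident(schema)}.{quote_ident(table)};"


def psql_argv(sql: str) -> List[str]:
    """Hand the rendered command to psql as one argv element (no shell), so
    shell metacharacters inside the SQL text cannot become a second injection."""
    return ["psql", "--command", sql]


def rejects(render, *args) -> bool:
    """True if the renderer refuses the input (used by the checks below)."""
    try:
        render(*args)
    except BadInput:
        return True
    return False


if __name__ == "__main__":
    opts = {"buffer_usage_limit": "256kB", "vacuum_parallel": 2, "vacuum_index_cleanup": "auto"}
    print(psql_argv(render_vacuum_hardened("public", "orders", opts)))
    print(rejects(render_vacuum_hardened, "public", "orders", {"buffer_usage_limit": "256kB'); SELECT 1; --"}))
```

The point of the tablespace case is that identifier quoting neutralises a payload without rejecting it: a name containing `"; SELECT 1; --` is emitted as a single (non-existent) identifier and the server reports that no such tablespace exists, rather than running a second statement.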
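The CVE-2026-7819 entry turns on one detail: os.path.abspath collapses '..' but leaves symbolic links alone, while the write that follows the check goes through the kernel, which does follow them. The example below, added for this page and not taken from pgAdmin's File Manager, builds a storage directory containing a symlink that points outside it and shows the abspath-based check accepting the name and a realpath-based check refusing it; the function names and the storage layout are assumptions for the example.

```python
import os
import tempfile


def is_allowed_abspath(base_dir: str, user_path: str) -> bool:
    """The flawed check the advisory describes: abspath collapses '..' but
    never resolves symlinks, so a link inside base_dir that points outside
    passes this test."""
    candidate = os.path.abspath(os.path.join(base_dir, user_path))
    return candidate == base_dir or candidate.startswith(base_dir + os.sep)


def is_allowed_realpath(base_dir: str, user_path: str) -> bool:
    """Hardened check: resolve symlinks on both sides before comparing, and
    use commonpath so '/srv/storage2' is not mistaken for '/srv/storage'."""
    real_base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(real_base, user_path))
    return os.path.commonpath([real_base, candidate]) == real_base


def safe_write(base_dir: str, user_path: str, data: bytes) -> str:
    """Write only after the realpath check, and open with O_NOFOLLOW so a link
    swapped in between check and write is refused by the kernel. O_NOFOLLOW
    covers the final path component only; the parent directories were
    resolved by realpath above."""
    if not is_allowed_realpath(base_dir, user_path):
        raise PermissionError(f"refusing to write outside {base_dir}: {user_path}")
    target = os.path.join(os.path.realpath(base_dir), user_path)
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(target, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return target


def demo() -> dict:
    """Constructed scenario: a per-user storage directory holding a symlink
    'notes.txt' that points at a file outside the storage root."""
    with tempfile.TemporaryDirectory() as tmp:
        storage = os.path.join(tmp, "storage", "alice")
        outside = os.path.join(tmp, "outside", "target.txt")
        os.makedirs(storage)
        os.makedirs(os.path.dirname(outside))
        with open(outside, "w") as fh:
            fh.write("original")
        os.symlink(outside, os.path.join(storage, "notes.txt"))

        result = {
            "abspath_check_passes": is_allowed_abspath(storage, "notes.txt"),
            "realpath_check_passes": is_allowed_realpath(storage, "notes.txt"),
            "dotdot_rejected_by_both": (
                not is_allowed_abspath(storage, "../../outside/target.txt")
                and not is_allowed_realpath(storage, "../../outside/target.txt")
            ),
        }
        try:
            safe_write(storage, "notes.txt", b"overwritten")
            result["write_refused"] = False
        except PermissionError:
            result["write_refused"] = True
        with open(outside) as fh:
            result["outside_untouched"] = fh.read() == "original"

        # A normal file name inside the storage root is still writable.
        written = safe_write(storage, "ok.txt", b"hello")
        with open(written, "rb") as fh:
            result["legit_write_ok"] = (
                os.path.dirname(written) == os.path.realpath(storage) and fh.read() == b"hello"
            )
        return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Resolving the link at check time still leaves a window in which the link can be replaced before the open; O_NOFOLLOW closes that window for the last component, and on systems that offer openat2 with RESOLVE_BENEATH or RESOLVE_NO_SYMLINKS the whole walk can be constrained by the kernel instead.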
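The CVE-2026-7818 entry is about ordering: the session file was unpickled before its HMAC was checked, so the check only ran after any code the pickle carried had already executed. The example below is added for this page and is not pgAdmin's FileBackedSessionManager; it uses a constructed secret and a benign pickle whose only side effect is creating a directory, and contrasts a deserialize-then-verify loader with a verify-then-deserialize loader that also switches the body to JSON.

```python
import hashlib
import hmac
import json
import os
import pickle
import tempfile

# Constructed secret for the example; a deployment derives it from its own key material.
SECRET = b"example-session-secret"
TAG_LEN = hashlib.sha256().digest_size


class Marker:
    """Benign stand-in for a hostile pickle: unpickling it calls a function of
    the writer's choosing (here os.makedirs) before anything else happens."""

    def __init__(self, path: str):
        self.path = path

    def __reduce__(self):
        return (os.makedirs, (self.path,))


def _sign(body: bytes) -> bytes:
    return hmac.new(SECRET, body, hashlib.sha256).digest()


def write_session(path: str, data: dict) -> None:
    """Session file layout used here: 32-byte HMAC-SHA256 tag, then a JSON body."""
    body = json.dumps(data).encode()
    with open(path, "wb") as fh:
        fh.write(_sign(body) + body)


def load_session_vulnerable(path: str):
    """Deserialize-then-verify: pickle.loads runs whatever the file asks for,
    and the HMAC failure afterwards cannot undo it."""
    with open(path, "rb") as fh:
        raw = fh.read()
    tag, body = raw[:TAG_LEN], raw[TAG_LEN:]
    obj = pickle.loads(body)  # side effects happen here
    if not hmac.compare_digest(tag, _sign(body)):
        raise ValueError("session integrity check failed")
    return obj


def load_session_hardened(path: str):
    """Verify-then-deserialize with a data-only format: the HMAC gate runs
    first, and JSON cannot instantiate arbitrary objects even if it were skipped."""
    with open(path, "rb") as fh:
        raw = fh.read()
    if len(raw) < TAG_LEN:
        raise ValueError("session file too short")
    tag, body = raw[:TAG_LEN], raw[TAG_LEN:]
    if not hmac.compare_digest(tag, _sign(body)):
        raise ValueError("session integrity check failed")
    return json.loads(body)


def demo() -> dict:
    """Constructed scenario: a file dropped into the session directory with a
    forged tag and a pickle body, plus a legitimately written session."""
    with tempfile.TemporaryDirectory() as tmp:
        marker = os.path.join(tmp, "payload_ran")
        dropped = os.path.join(tmp, "sess_dropped")
        with open(dropped, "wb") as fh:
            fh.write(b"\x00" * TAG_LEN + pickle.dumps(Marker(marker)))

        out = {}
        try:
            load_session_vulnerable(dropped)
            out["vuln_rejected"] = False
        except ValueError:
            out["vuln_rejected"] = True
        out["vuln_ran_payload"] = os.path.isdir(marker)  # rejected, yet the code ran
        if out["vuln_ran_payload"]:
            os.rmdir(marker)

        try:
            load_session_hardened(dropped)
            out["hard_rejected"] = False
        except ValueError:
            out["hard_rejected"] = True
        out["hard_ran_payload"] = os.path.isdir(marker)

        legit = os.path.join(tmp, "sess_alice")
        write_session(legit, {"user_id": 7})
        out["legit_loads"] = load_session_hardened(legit) == {"user_id": 7}
        return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Both loaders reject the forged file; the difference is that the first has already executed its contents by the time it does. Checking the tag before parsing is necessary but not sufficient on its own, because a key holder can still produce a valid tag over a hostile pickle, which is why the body format changes as well.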