EUVD-2026-37969

🗓️ 19 Jun 2026 00:31:38Reported by EUVDType

Open redirect in pgAdmin four multi factor authentication flow via next parameter; adds safe redirect checks.

Reporter	Title	Published	Views	Family All 6
ATTACKERKB	CVE-2026-12049	18 Jun 202623:37	–	attackerkb
CVE	CVE-2026-12049	18 Jun 202623:37	–	cve
Cvelist	CVE-2026-12049 pgAdmin 4: Open redirect in multi-factor authentication flow via unvalidated 'next' parameter	18 Jun 202623:37	–	cvelist
NVD	CVE-2026-12049	19 Jun 202600:16	–	nvd
Positive Technologies	PT-2026-50815	18 Jun 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-12049	19 Jun 202603:29	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "7bf8316f-5197-3629-acbd-c8256d97afca",
        "vendor": {
          "name": "pgadmin.org"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "d4523702-0d89-3315-8614-c329adb59898",
        "product": {
          "name": "pgAdmin 4",
          "vendor": {
            "name": "pgadmin.org"
          }
        },
        "product_version": "6.0 <9.16"
      }
    ]
  }
]

Source	Link
github	www.github.com/pgadmin-org/pgadmin4/issues/10028
github	www.github.com/pgadmin-org/pgadmin4/commit/fff6a481854b07822c2b54e8181e6a9076d204cd
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-12049

19 Jun 2026 00:31Current

5.3Medium risk

Vulners AI Score5.3

CVSS 45.3

CVSS 3.14.3