BIT-POSTGRESQL-2025-8714 PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client
Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pgdumpall is also affected. pgrestore is affected...