CVE-2026-7817 pgAdmin 4: Local file inclusion and server-side request forgery in LLM API configuration endpoints

Local file inclusion LFI and server-side request forgery SSRF vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied apikeyfile and apiurl preferences were passed to the LLM provider clients without validation. An authenticated user could read arbitrary server-side files by...

CVE-2026-7816 pgAdmin 4: OS command injection in Import/Export query export via psql metacommand breakout

OS command injection CWE-78 vulnerability in pgAdmin 4 Import/Export query export. User-supplied input was interpolated directly into a psql \copy metacommand template without sanitization. An authenticated user could inject " TO PROGRAM 'cmd'" to break out of the \copy ... context and achieve...

CVE-2026-7816

OS command injection CWE-78 vulnerability in pgAdmin 4 Import/Export query export. User-supplied input was interpolated directly into a psql \copy metacommand template without sanitization. An authenticated user could inject " TO PROGRAM 'cmd'" to break out of the \copy ... context and achieve...

CVE-2026-7815 pgAdmin 4: SQL injection in Maintenance tool option values leading to remote code execution

SQL injection vulnerability in pgAdmin 4 Maintenance Tool. Four user-supplied JSON fields bufferusagelimit, vacuumparallel, vacuumindexcleanup, reindextablespace were concatenated directly into the rendered VACUUM/ANALYZE/REINDEX command and passed to psql --command. An authenticated user with th...

CVE-2026-7816

The CVE-2026-7816 entry describes an OS command injection in pgAdmin 4 Import/Export query export. User input was directly interpolated into a psql \copy metacommand template without sanitization, allowing an authenticated user to inject commands to break out of the \copy context and execute arbi...

CVE-2026-7816 pgAdmin 4: OS command injection in Import/Export query export via psql metacommand breakout

OS command injection CWE-78 vulnerability in pgAdmin 4 Import/Export query export. User-supplied input was interpolated directly into a psql \copy metacommand template without sanitization. An authenticated user could inject " TO PROGRAM 'cmd'" to break out of the \copy ... context and achieve...

CVE-2026-7814 pgAdmin 4: Stored XSS via crafted PostgreSQL object names in Browser Tree and Explain Visualizer

Stored cross-site scripting XSS vulnerability in pgAdmin 4 Browser Tree and Explain Visualizer modules. User-controlled PostgreSQL object names database, schema, table, column, etc. were assigned to DOM elements via innerHTML, allowing crafted object names containing HTML markup to execute...

CVE-2026-7814

Summary: CVE-2026-7814 is a stored XSS in pgAdmin 4’s Browser Tree and Explain Visualizer. User-controlled PostgreSQL object names (database, schema, table, column, etc.) were inserted into the DOM via innerHTML, enabling crafted names with HTML markup to execute attacker-supplied JavaScript in a...

CVE-2026-7814 pgAdmin 4: Stored XSS via crafted PostgreSQL object names in Browser Tree and Explain Visualizer

Stored cross-site scripting XSS vulnerability in pgAdmin 4 Browser Tree and Explain Visualizer modules. User-controlled PostgreSQL object names database, schema, table, column, etc. were assigned to DOM elements via innerHTML, allowing crafted object names containing HTML markup to execute...

CVE-2026-7813

pgAdmin 4 server mode CVE-2026-7813 enables cross-user data access and privilege escalation in Shared Servers. An authenticated user could enumerate object IDs to fetch another user’s private servers, server groups, background processes, and debugger arguments due to lacking user-scoped access co...

PT-2026-39627

Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions prior to 9.15 Description Local file inclusion LFI and server-side request forgery SSRF issues exist in the LLM API configuration endpoints. Authenticated users can read arbitrary server-side files by providing a path to the...

pgAdmin 4 安全漏洞

pgAdmin 4 is an open-source management and development platform for PostgreSQL, developed by the pgAdmin Project. Versions of pgAdmin 4 prior to 9.15 contained security vulnerabilities. These vulnerabilities were caused by local file inclusion and server-side request forgeing, which could allow...

pgAdmin 跨站脚本漏洞

pgAdmin is an open-source management and development platform for the open-source database PostgreSQL. Versions of pgAdmin prior to 4.9.15 had a cross-site scripting vulnerability. This vulnerability stemmed from stored cross-site scripts, which could allow user-controlled PostgreSQL object names...

PT-2026-39625

Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions prior to 9.15 Description An SQL injection exists in the Maintenance Tool where four user-supplied JSON fields—buffer usage limit, vacuum parallel, vacuum index cleanup, and reindex tablespace—are concatenated directly into...

PT-2026-39629

Symbolic-link path traversal CWE-61, CWE-22 in pgAdmin 4 File Manager. check access permission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own...

pgAdmin 代码问题漏洞

pgAdmin is an open-source management and development platform for the open-source database PostgreSQL. Versions of pgAdmin prior to 4.9.15 had code vulnerabilities related to deserializing unreliable data. These vulnerabilities could allow authenticated users to execute remote code by placing...

pgAdmin SQL注入漏洞

pgAdmin is an open-source management and development platform for the open-source database PostgreSQL. Versions of pgAdmin prior to 4.9.15 had a SQL injection vulnerability. This vulnerability allows authenticated users to inject arbitrary SQL statements in VACUUM/ANALYZE/REINDEX commands,...

PT-2026-39630

Improper restriction of excessive authentication attempts CWE-307 in pgAdmin 4. pgAdmin enforces MAX LOGIN ATTEMPTS only inside its custom /authenticate/login view. Flask-Security's default /login view, which is registered automatically by security.init app and is reachable on every server, never...

PT-2026-39624

Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions prior to 9.15 Description A stored cross-site scripting XSS issue exists in the Browser Tree and Explain Visualizer modules. User-controlled PostgreSQL object names, such as those for databases, schemas, tables, or columns,...

pgAdmin SQL注入漏洞

pgAdmin is an open-source management and development platform for the open-source database PostgreSQL. Versions of pgAdmin prior to 4.9.15 had a SQL injection vulnerability. This vulnerability could allow authenticated users to inject arbitrary commands in the psql copy command, enabling executio...