CVE-2026-1707

pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. An attacker with access to the pgAdmin web interface can observe an active restore operation, extract t...

pgAdmin < 9.11 RCE

The version of pgAdmin installed on the remote host is prior to 9.11. It is, therefore, affected by remote code execution vulnerability: - pgAdmin versions up to 9.10 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from...

Remote Code Execution (RCE)

pgAdmin is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper handling of PLAIN-format dump files during restore operations in server mode, allowing attackers to inject malicious commands that are executed on the server hosting pgAdmin...

Arbitrary Code Injection

pgAdmin is vulnerable to Arbitrary Code Injection. The vulnerability is due to improper handling of PLAIN-format dump files during restore operations in server mode, which allows an attacker to inject and execute arbitrary commands on the server hosting pgAdmin...

CVE-2025-12762

pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...