12 matches found

Tenable Nessus
added 2026/02/11 12:0 a.m., 7 views

pgAdmin < 9.12 Command Execution (GHSA-3p7x-94q9-jq9x)

The version of pgAdmin installed on the remote host is prior to 9.12. It is, therefore, affected by command execution vulnerability: - pgAdmin versions prior to 9.12 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performin...

CVSS 7.4 | AI score 5.9 | EPSS 0.00028
Exploits: 0 | References: 3

OSV
added 2026/02/05 6:30 p.m., 2 views

GHSA-3P7X-94Q9-JQ9X pgadmin4 affected by a Restore restriction bypass via key disclosure vulnerability

pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. An attacker with access to the pgAdmin web interface can observe an active restore operation, extract t...

CVSS 7.4 | AI score 5.8 | EPSS 0.00028
Exploits: 0 | References: 4

NVD
added 2026/02/05 6:16 p.m., 4 views

CVE-2026-1707

pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. An attacker with access to the pgAdmin web interface can observe an active restore operation, extract t...

CVSS 7.4 | EPSS 0.00028
Exploits: 0 | References: 1

NVD
added 2025/12/11 7:15 p.m., 3 views

CVE-2025-13780

pgAdmin versions up to 9.10 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

CVSS 9.1 | EPSS 0.00121
Exploits: 1 | References: 1

Cvelist
added 2025/12/11 6:30 p.m., 17 views

CVE-2025-13780 Remote Code Execution vulnerability when restoring PLAIN-format SQL dumps in server mode (pgAdmin 4)

pgAdmin versions up to 9.10 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

CVSS 9.1 | EPSS 0.00121
Exploits: 1 | References: 1

Positive Technologies
added 2025/12/11 12:0 a.m., 3 views

PT-2025-50670

Name of the Vulnerable Software and Affected Versions: pgAdmin versions up to 9.10. Description: pgAdmin versions up to 9.10 are susceptible to a Remote Code Execution (RCE) issue when running in server mode and restoring from PLAIN-format dump files. This flaw allows attackers to inject and execute...

CVSS 9.8 | AI score 6.8 | EPSS 0.0022
Exploits: 2 | References: 38

CNNVD
added 2025/12/11 12:0 a.m., 2 views

pgAdmin security vulnerability

pgAdmin is an open source management and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin 9.10 and earlier versions; it arises in server mode, where restoring a PLAIN-format dump file could lead to remote code...

CVSS 9.1 | AI score 7.6 | EPSS 0.00121
Exploits: 1 | References: 3

SUSE CVE
added 2025/11/14 12:33 a.m., 1 views

SUSE CVE-2025-12762

pgAdmin versions up to 9.9 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

CVSS 9.1 | AI score 7.8 | EPSS 0.0022
Exploits: 1 | References: 3

EUVD
added 2025/11/13 3:30 p.m., 3 views

EUVD-2025-169296

pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode...

CVSS 9.1 | AI score 6.8 | EPSS 0.0022
Exploits: 1 | References: 3

OSV
added 2025/11/13 3:30 p.m., 1 views

GHSA-W2P4-P4RH-QCM3 pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode

pgAdmin versions up to 9.9 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

CVSS 9.1 | AI score 7.7 | EPSS 0.0022
Exploits: 1 | References: 4

Positive Technologies
added 2025/11/04 12:0 a.m., 4 views

PT-2025-46819

Name of the Vulnerable Software and Affected Versions: pgAdmin versions up to 9.9. Description: pgAdmin is susceptible to a Remote Code Execution (RCE) issue that arises when operating in server mode and restoring from PLAIN-format dump files. This flaw allows attackers to inject and execute arbitrary...

CVSS 9.8 | AI score 6.4 | EPSS 0.0022
Exploits: 1 | References: 48

Snyk
added 2025/08/14 1:0 p.m., 1 views

Inclusion of Functionality from Untrusted Control Sphere

Overview: Affected versions of this package are vulnerable to Inclusion of Functionality from Untrusted Control Sphere when restoring from a plain-text dump file. An attacker can embed malicious psql meta-commands into dump files generated by pg_dump --format=plain, pg_dumpall, or pg_restore --file...

CVSS 8.8 | AI score 7.7 | EPSS 0.00136
Exploits: 1 | References: 2