CVE-2026-25212
Percona PMM prior to 3.7 is affected. An internal database user with superuser privileges can leverage the pmm-admin authenticated Add data source flow to break out of the database context and run shell commands on the underlying OS. This is evidenced in multiple sources (e.g., Percona release no...