CVE-2026-12049
- EPSS 0.22%
- Veröffentlicht 18.06.2026 23:37:43
- Zuletzt bearbeitet 29.06.2026 15:16:21
Open redirect in pgAdmin 4's multi-factor authentication flow. The MFA validate and register endpoints honoured the user-supplied 'next' query/form parameter without confirming the target pointed back inside pgAdmin, so an authenticated victim who cl...
CVE-2026-12048
- EPSS 0.21%
- Veröffentlicht 18.06.2026 23:37:41
- Zuletzt bearbeitet 29.06.2026 15:17:13
Stored cross-site scripting in pgAdmin 4's error-rendering and plan-node-rendering paths. Text returned by a PostgreSQL server (ErrorResponse messages, including object names quoted back inside relation-does-not-exist errors and inside EXPLAIN Rechec...
CVE-2026-12047
- EPSS 0.14%
- Veröffentlicht 18.06.2026 23:37:39
- Zuletzt bearbeitet 29.06.2026 15:18:08
HTML injection in pgAdmin 4's cloud deployment module. The verify_credentials, deploy, regions, and update-server endpoints under /rds/, /azure/, /google/, and the top-level /cloud/ blueprint propagated AWS / Azure / Google SDK exception text — and t...
CVE-2026-12046
- EPSS 0.71%
- Veröffentlicht 18.06.2026 23:37:37
- Zuletzt bearbeitet 01.07.2026 19:27:45
Two state-mutating endpoints in pgAdmin 4's SQL Editor blueprint -- DELETE /sqleditor/close/<trans_id> and POST /sqleditor/initialize/sqleditor/update_connection/<sgid>/<sid>/<did> -- were the only routes in the module missing the @pga_login_required...
CVE-2026-12045
- EPSS 0.48%
- Veröffentlicht 18.06.2026 23:37:35
- Zuletzt bearbeitet 01.07.2026 19:26:30
Read-only transaction bypass in the pgAdmin 4 AI Assistant allows an attacker who can influence database content that the assistant reads to execute arbitrary SQL with the privileges of the pgAdmin user's database role. The AI Assistant's execute_sq...
CVE-2026-12050
- EPSS 0.25%
- Veröffentlicht 18.06.2026 23:37:19
- Zuletzt bearbeitet 29.06.2026 15:15:52
SQL injection in pgAdmin 4's named restore point endpoint (POST /browser/server/restore_point/{gid}/{sid}). The user-supplied 'value' field was interpolated directly into the SQL string with str.format() instead of being passed as a bound parameter, ...
CVE-2026-12044
- EPSS 0.49%
- Veröffentlicht 18.06.2026 23:37:16
- Zuletzt bearbeitet 01.07.2026 19:23:39
SQL injection in pgAdmin 4 across every dialog template that renders ``COMMENT ON ... IS '<description>'`` for a user-supplied description field. The Jinja templates for Domains (and their constraints), Foreign Tables, Languages, and Event Triggers, ...
CVE-2026-7819
- EPSS 0.36%
- Veröffentlicht 11.05.2026 16:17:39
- Zuletzt bearbeitet 26.05.2026 12:54:51
Symbolic-link path traversal (CWE-61, CWE-22) in pgAdmin 4 File Manager. check_access_permission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user...
CVE-2026-7820
- EPSS 0.21%
- Veröffentlicht 11.05.2026 16:17:39
- Zuletzt bearbeitet 26.05.2026 12:54:11
Improper restriction of excessive authentication attempts (CWE-307) in pgAdmin 4. pgAdmin enforces MAX_LOGIN_ATTEMPTS only inside its custom /authenticate/login view. Flask-Security's default /login view, which is registered automatically by securit...
CVE-2026-7818
- EPSS 0.13%
- Veröffentlicht 11.05.2026 16:17:38
- Zuletzt bearbeitet 26.05.2026 13:28:57
Deserialization of untrusted data (CWE-502) in pgAdmin 4 FileBackedSessionManager. The session manager performed unsafe deserialization of session-file contents (using Python's standard object-serialization module) before performing any HMAC integri...