Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: pgadmin-4 Clear
ID Title
CVE-2026-12050 SQL Injection in sqli (CVE-2026-12050)
SQL injection in sqli (CVE-2026-12050). Risk of unauthorized operations or information disclosure. Exploitable via `POST /browser/server/restore_point/{gid}/{sid}`.
CVE-2026-12049 Open Redirect in pgadmin (CVE-2026-12049)
vulnerability in pgadmin (CVE-2026-12049). Risk of unauthorized operations or information disclosure.
CVE-2026-12047 Cross-Site Scripting (XSS) in react (CVE-2026-12047)
cross-site scripting in react (CVE-2026-12047). Risk of unauthorized operations or information disclosure.
CVE-2026-12048 Cross-Site Scripting (XSS) in react (CVE-2026-12048)
cross-site scripting in react (CVE-2026-12048). Confidential information can be exposed externally.
CVE-2026-12046 Vulnerability in flask (CVE-2026-12046)
vulnerability in flask (CVE-2026-12046). Successful exploitation can lead to full system takeover. Exploitable via `DELETE /sqleditor/close/`.
CVE-2026-12045 Command Injection in pgadmin (CVE-2026-12045)
command injection in pgadmin (CVE-2026-12045). Successful exploitation can lead to full system takeover.
CVE-2026-12044 SQL Injection in sqli (CVE-2026-12044)
SQL injection in sqli (CVE-2026-12044). Successful exploitation can lead to full system takeover. Exploitable via ``qtLiteral``.
CVE-2026-7819 Vulnerability in pgadmin4 (CVE-2026-7819)
vulnerability in pgadmin4 (CVE-2026-7819). Data can be tampered with by attackers. Mitigation: upgrade to `9.15` or later.
CVE-2026-7820 Vulnerability in pgadmin4 (CVE-2026-7820)
vulnerability in pgadmin4 (CVE-2026-7820). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.15` or later.
CVE-2026-7816 OS Command Injection in pgadmin4 (CVE-2026-7816)
OS command injection in pgadmin4 (CVE-2026-7816). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.15` or later.
CVE-2026-7817 Vulnerability in pgadmin4 (CVE-2026-7817)
vulnerability in pgadmin4 (CVE-2026-7817). Confidential information can be exposed externally. Mitigation: upgrade to `9.15` or later.
CVE-2026-7818 Unsafe Deserialization in pgadmin4 (CVE-2026-7818)
vulnerability in pgadmin4 (CVE-2026-7818). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.15` or later.
CVE-2026-7813 Vulnerability in pgadmin4 (CVE-2026-7813)
vulnerability in pgadmin4 (CVE-2026-7813). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.15` or later.
CVE-2026-7814 Cross-Site Scripting (XSS) in pgadmin4 (CVE-2026-7814)
cross-site scripting in pgadmin4 (CVE-2026-7814). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.15` or later.
CVE-2026-7815 SQL Injection in pgadmin4 (CVE-2026-7815)
SQL injection in pgadmin4 (CVE-2026-7815). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.15` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →