pgAdmin Security Vulnerabilities (CVEs)
Track 13 security vulnerabilities affecting pgAdmin products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
pgAdmin 9.11 in server mode has a restore restriction bypass vulnerability that allows authenticated attackers to execute arbitrary commands on the ho...
Feb 5, 2026
pgAdmin versions up to 9.9 have a vulnerability in LDAP authentication that allows attackers to bypass TLS certificate verification. This enables man-...
Nov 13, 2025
pgAdmin versions up to 9.9 running in server mode are vulnerable to remote code execution when processing PLAIN-format database dump files during rest...
Nov 13, 2025
pgAdmin 4 on Windows systems contains a command injection vulnerability that allows attackers to execute arbitrary system commands through specially c...
Nov 13, 2025
pgAdmin versions up to 9.9 have an LDAP injection vulnerability in the authentication flow that allows attackers to inject special LDAP characters in ...
Nov 13, 2025
pgAdmin versions up to 9.7 have a Cross-Origin Opener Policy vulnerability that allows attackers to manipulate OAuth authentication flows. This could ...
Sep 4, 2025
This CVE describes a critical remote code execution vulnerability in pgAdmin 4 where attacker-controlled input is passed to Python's eval() function. ...
Apr 3, 2025
This vulnerability in pgAdmin's LDAP authentication allows session confusion when multiple users attempt to log in simultaneously. Attackers could pot...
Jan 9, 2025
pgAdmin versions 8.11 and earlier have an OAuth2 authentication vulnerability that could expose client IDs and secrets. This allows attackers to poten...
Sep 23, 2024
This vulnerability allows attackers who have stolen valid pgAdmin credentials to bypass multi-factor authentication (MFA) protections. Affected system...
May 2, 2024
pgAdmin versions up to 8.4 contain a remote code execution vulnerability in the validate binary path API. Attackers can exploit this to execute arbitr...
Apr 4, 2024
pgAdmin versions up to 8.3 contain a path traversal vulnerability in session handling that allows unsafe deserialization of pickle objects, leading to...
Mar 7, 2024
CVE-2023-0241 is a directory traversal vulnerability in pgAdmin 4 that allows authenticated users to access or modify files outside the intended direc...
Mar 27, 2023
Why Monitor pgAdmin Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 13+ known vulnerabilities affecting pgAdmin products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable pgAdmin packages in under 60 seconds. No agents are required: scanning is completely agentless and works across pgAdmin deployments.
Free vulnerability database: Access detailed information about every pgAdmin CVE, including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.