CNNVD-202509-455 Information

CNNVD ID

CNNVD-202509-455

Related CVE

CVE-2025-9636

• CNNVD Published: 2025-09-04

Description (Chinese)

pgAdmin是pgAdmin开源的一个用于开源数据库 PostgreSQL 的开源管理和开发平台。 pgAdmin 9.7及之前版本存在安全漏洞，该漏洞源于跨源打开策略不当，可能导致未授权账户访问和权限提升。

Description (English)

pgAdmin is an open source management and development platform for the open source database PostgreSQL. There is a security gap in pgAdmin 9.7 and earlier versions, which stems from inappropriate cross-source opening strategies, which may lead to unauthorized account access and enhanced access.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

斐讯

Published

2025-09-04

Last Modified

2026-02-24

References

https://github.com/pgadmin-org/pgadmin4/issues/9114 https://access.redhat.com/security/cve/cve-2025-9636 https://vigilance.fr/vulnerability/pgAdmin-user-access-via-OAuth-Flow-48432