CNNVD-202511-1629 Information

CNNVD ID

CNNVD-202511-1629

CVE-2025-12763

  • CNNVD Published: 2025-11-13

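Description (translated from Chinese)

pgAdmin is an open-source administration and development platform, developed by pgAdmin, for the open-source database PostgreSQL. pgAdmin 4 versions 9.9 and earlier contain a security vulnerability that stems from backup and restore operations on Windows using shell=True, which may lead to command injection attacks.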

Description (English)

pgAdmin is an open source management and development platform for the open source database PostgreSQL. pgAdmin 4 versions 9.9 and earlier have a security vulnerability caused by backup and restore operations on Windows using shell=True, which could result in command injection attacks.

Hazard Level

High

Vulnerability Type

Other

Affected Vendor

pgAdmin

Published

2025-11-13

Last Modified

2026-02-24

References

https://github.com/pgadmin-org/pgadmin4/issues/9323

Patch

https://www.pgadmin.org/
