AI description
CVE-2025-12762 is a Remote Code Execution (RCE) vulnerability affecting pgAdmin versions up to 9.9. The vulnerability occurs when pgAdmin is running in server mode and performing restores from PLAIN-format dump files. This vulnerability allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin. Successful exploitation could compromise the integrity and security of the database management system and the underlying data.
- Description
- pgAdmin versions up to 9.9 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical risk to the integrity and security of the database management system and underlying data.
- Source
- f86ef6dc-4d3a-42ad-8f28-e6d5547a5007
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.1
- Impact score
- 5.3
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
- Severity
- CRITICAL
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
- 6
⚠️ Critical pgAdmin4 Vulnerability Lets Attackers Execute Remote Code on Servers Read more: https://t.co/OlfREXflVU A severe remote code execution (RCE) flaw has been uncovered in pgAdmin4, the popular open-source interface for PostgreSQL databases. Dubbed CVE-2025-12762,
@The_Cyber_News
17 Nov 2025
1905 Impressions
9 Retweets
42 Likes
13 Bookmarks
0 Replies
2 Quotes
pgAdmin patched four flaws. The Critical RCE (CVE-2025-12762) risks arbitrary code execution via malicious PostgreSQL dump files. LDAP Injection (CVE-2025-12764) and TLS Bypass were also fixed. Update to v9.10. #pgAdmin #RCE #Cybersecurity #PostgreSQL https://t.co/2smCTmL72d
@the_yellow_fall
17 Nov 2025
24 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-12762 - Exploit and Reproduction for pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode #pruva reproduction: https://t.co/rt2E1Cf7kN Advs: https://t.co/PQsGAMMpCU
@N3mes1s
14 Nov 2025
4069 Impressions
15 Retweets
55 Likes
27 Bookmarks
1 Reply
0 Quotes
🚨 pgAdmin < 9.10 has an RCE vulnerability (CVE-2025-12762) allowing attackers to execute arbitrary commands on the server, risking the database system's integrity and security. https://t.co/4S73FCs7tI https://t.co/MNR03JdEds
@IntCyberDigest
14 Nov 2025
7873 Impressions
23 Retweets
64 Likes
20 Bookmarks
0 Replies
1 Quote
CVE-2025-12762 pgAdmin versions up to 9.9 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-form… https://t.co/MqbRbvmUM6
@CVEnew
13 Nov 2025
145 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-12762: CRITICAL] Critical Remote Code Execution (RCE) vulnerability in pgAdmin versions up to 9.9 allows attackers to execute arbitrary commands, posing a severe threat to cyber security. #cve, CVE-2025-12762, #cybersecurity https://t.co/qhfmldF6k4 https://t.co/iyNLblD59Y
@CveFindCom
13 Nov 2025
57 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-12762 is a critical pgAdmin 4 RCE (CVSS 9.1) affecting versions ≤9.9. Network-accessible, low complexity, requires only low privs. The Changed Scope (S:C) rating means compromise extends beyond pgAdmin itself. Attack surface: Restore module processing PLAIN-format
@gothburz
13 Nov 2025
619 Impressions
1 Retweet
7 Likes
5 Bookmarks
0 Replies
0 Quotes
**CVE-2025-12762** is a critical Remote Code Execution (RCE) vulnerability affecting **pgAdmin** versions up to 9.9 when operating in server mode, specifically during the restore process from PLAIN-format dump files. The vulnerability allows an attacker to inject malicious
@CveTodo
13 Nov 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes