HIGH 8.8 PyPI
GHSA-3v6v-2x6p-32mc · CVE-2022-4223 pgadmin4 vulnerable to Code Injection
Modified: 3/17/2025
package
PyPI / pgadmin4
pkg:pypi/pgadmin4
HIGH 7.0 PyPI
GHSA-4rhg-h8f2-v4jm · CVE-2026-7818 pgAdmin 4 has deserialization of untrusted data in its FileBackedSessionManager
Modified: 5/27/2026
HIGH 7.9 PyPI
GHSA-6859-2qxq-ffv2 · CVE-2025-9636 pgadmin4 is affected by a Cross-Origin Opener Policy (COOP) vulnerability
Modified: 9/5/2025
MEDIUM 4.8 PyPI
GHSA-6p2c-69cv-3fxq · CVE-2026-7814 pgAdmin 4: Stored cross-site scripting (XSS) vulnerability in Browser Tree and Explain Visualizer modules
Modified: 5/27/2026
HIGH 8.0 PyPI
GHSA-7w6r-748w-mh52 · CVE-2023-1907 pgAdmin has Incorrect Default Permissions
Modified: 2/6/2025
MEDIUM 6.1 PyPI
GHSA-894c-rg7f-3c62 · CVE-2023-22298 pgAdmin 4 Open Redirect vulnerability
Modified: 3/17/2025
MEDIUM 6.5 PyPI
GHSA-9crj-hpxh-f6qg · CVE-2023-0241 pgAdmin 4 vulnerable to directory traversal
Modified: 3/17/2025
MEDIUM 6.5 PyPI
GHSA-cr8c-972v-rmp3 · CVE-2022-0959 pgAdmin 4 Path Traversal vulnerability
Modified: 2/16/2024
HIGH 7.5 PyPI
GHSA-cvf4-f829-762v · CVE-2025-12764 pgAdmin is affected by an LDAP injection vulnerability
Modified: 11/13/2025
CRITICAL 9.1 PyPI
GHSA-fxmw-jcgr-w44v · CVE-2025-13780 pgadmin4 has a Meta-Command Filter Command Execution
Modified: 12/12/2025
HIGH 7.5 PyPI
GHSA-g4r8-3qmh-pmch · CVE-2025-12765 pgAdmin has vulnerability in LDAP authentication mechanism that allows bypassing TLS certificate verification
Modified: 11/13/2025
CRITICAL 9.9 PyPI
GHSA-g73c-fw68-pwx3 · CVE-2025-2945 pgAdmin 4 Vulnerable to Remote Code Execution
Modified: 4/4/2025
MEDIUM 6.0 PyPI
GHSA-ghp8-52vx-77j4 · CVE-2023-5002 pgAdmin failed to properly control the server code
Modified: 3/17/2025
CRITICAL 9.9 PyPI
GHSA-h2x2-q2mc-24gw · CVE-2026-7813 pgAdmin 4 server mode has an authorization vulnerability affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules
Modified: 5/27/2026
HIGH 8.8 PyPI
GHSA-hp84-p2gq-6fvr · CVE-2026-7815 SQL injection vulnerability in pgAdmin 4 Maintenance Tool
Modified: 5/27/2026
HIGH 8.1 PyPI
GHSA-hr4r-fwpv-c95j · CVE-2026-7819 pgAdmin 4 File Manager has symbolic-link path traversal
Modified: 5/27/2026
MEDIUM 6.5 PyPI
GHSA-hv9p-2pqf-r5w3 · CVE-2026-7820 pgAdmin 4: Improper restriction of excessive authentication attempts
Modified: 5/27/2026
HIGH 8.8 PyPI
GHSA-j74f-g7vx-fh4x · CVE-2026-7816 pgAdmin 4: OS command injection vulnerability in Import/Export query export
Modified: 5/27/2026
HIGH 8.6 PyPI
GHSA-jm9x-rx9x-wpqj · CVE-2024-9014 OAuth2 client ID and secret exposed through the web browser
Modified: 10/1/2024
MEDIUM 6.5 PyPI
GHSA-p58c-q354-6c4f · CVE-2026-7817 pgAdmin 4 contains local file inclusion (LFI) and server-side request forgery (SSRF) vulnerabilities
Modified: 5/27/2026
CRITICAL 9.9 PyPI
GHSA-rj98-crf4-g69w · CVE-2024-2044 pgAdmin 4 vulnerable to Unsafe Deserialization and Remote Code Execution by an Authenticated user
Modified: 2/13/2025
MEDIUM 6.8 PyPI
GHSA-rm79-x4g6-hvg5 · CVE-2025-12763 pgAdmin 4 has command injection vulnerability on Windows systems
Modified: 11/13/2025
CRITICAL 9.1 PyPI
GHSA-w2p4-p4rh-qcm3 · CVE-2025-12762 pgAdmin4 vulnerable to Remote Code Execution (RCE) when running in server mode
Modified: 11/13/2025
HIGH 7.4 PyPI
GHSA-xv64-8p4r-94gq · CVE-2024-4216 pgAdmin Cross-site Scripting vulnerability in /settings/store API response json payload
Modified: 9/19/2025
HIGH 7.4 PyPI
GHSA-27jx-ffw8-xrqv · CVE-2024-3116 pgAdmin Remote Code Execution (RCE) vulnerability
Modified: 3/14/2025
HIGH 7.4 PyPI
GHSA-2mvc-557g-5638 · CVE-2024-4215 pgAdmin is affected by a multi-factor authentication bypass vulnerability
Modified: 9/19/2025
CRITICAL 9.1 PyPI
GHSA-2rrx-pphc-qfv9 · CVE-2025-2946 pgAdmin 4 Vulnerable to Cross-Site Scripting (XSS) via Query Result Rendering
Modified: 4/4/2025
HIGH 7.4 PyPI
GHSA-3p7x-94q9-jq9x · CVE-2026-1707 pgadmin4 affected by a Restore restriction bypass via key disclosure vulnerability
Modified: 2/28/2026