Cyber Posture

CVE-2025-12762

Critical

Published: 13 November 2025

Modified: 01 December 2025
KEV Added
Patch
CVSS Score: 9.1 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L)
EPSS Score: 0.0017 (38.4th percentile)
Risk Priority: 18 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

pgAdmin versions up to 9.9 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical risk to the integrity and security of the database management system and underlying data.

Mitigating Controls (NIST 800-53 r5) [AI-generated]

Prevent: SI-2 requires timely identification, reporting, and correction of flaws, directly mitigating this RCE vulnerability by mandating patching of the insecure pgAdmin restore function.

Prevent: SI-10 enforces input validation at system entry points, preventing command injection during processing of PLAIN-format dump files in pgAdmin restores.

Prevent: CM-7 (least functionality) restricts or prohibits unsafe features such as PLAIN-format restores in pgAdmin server mode, reducing the attack surface for RCE.

Security Summary [AI-generated]

CVE-2025-12762 is a Remote Code Execution (RCE) vulnerability affecting pgAdmin versions up to and including 9.9. The flaw occurs when pgAdmin is running in server mode and performing restores from PLAIN-format dump files, enabling attackers to inject and execute arbitrary commands on the server hosting pgAdmin. This poses a critical risk to the integrity and security of the database management system and underlying data. The vulnerability has a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L) and is associated with CWE-94 (code injection).

The vulnerability can be exploited remotely over the network with low attack complexity and no user interaction required. It requires only low privileges (PR:L), such as those of an authenticated user able to trigger a restore operation. The scope is changed (S:C), with high confidentiality impact and low integrity and availability impacts. Successful exploitation grants attackers the ability to execute arbitrary commands on the pgAdmin host server.

Mitigation details and further advisories are available in the pgAdmin GitHub issue tracker at https://github.com/pgadmin-org/pgadmin4/issues/9320.

Details

CWE(s)

Affected Products

Vendor: pgadmin; Product: pgadmin 4; Versions: ≤ 9.10

MITRE ATT&CK Enterprise Techniques [AI-generated]

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

CVE-2025-12762 enables remote code execution via command injection when pgAdmin, running in server mode, restores a malicious PLAIN-format dump file. Because pgAdmin operates as a network-accessible, web-based management application, this directly maps to T1190 (Exploit Public-Facing Application).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References