CVE-2025-12762

CRITICAL

pgAdmin 4 < 9.10 - Remote Code Execution via PLAIN-format Dump File Restore

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-12762. PoCs published by djayaGit.

AI-analyzed exploit summary This is a functional exploit for CVE-2025-12762, an authenticated RCE vulnerability in pgAdmin 4 <= 9.9. It leverages the PLAIN format restore feature to execute arbitrary commands on the host system.

Description

pgAdmin versions up to 9.9 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical risk to the integrity and security of the database management system and underlying data.

Exploits (1)

nomisec WORKING POC
by djayaGit · poc
https://github.com/djayaGit/Blackash-CVE-2025-12762

This is a functional exploit for CVE-2025-12762, an authenticated RCE vulnerability in pgAdmin 4 <= 9.9. It leverages the PLAIN format restore feature to execute arbitrary commands on the host system.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: pgAdmin 4 <= 9.9
Auth required
Prerequisites: Valid pgAdmin credentials · Network access to pgAdmin server · PLAIN format restore functionality enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Issue Tracking, Vendor Advisory issue-tracking
https://github.com/pgadmin-org/pgadmin4/issues/9320

Scores

CVSS v3 9.1
EPSS 0.0017
EPSS Percentile 37.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-94
Status published
Products (2)
pgadmin/pgadmin_4 < 9.10
pypi/pgadmin4 0 - 9.10PyPI
Published Nov 13, 2025
Tracked Since Feb 18, 2026