Количество 3
Количество 3
CVE-2026-1707
pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. An attacker with access to the pgAdmin web interface can observe an active restore operation, extract the `\restrict` key in real time, and race the restore process by overwriting the restore script with a payload that re-enables meta-commands using `\unrestrict <key>`. This results in reliable command execution on the pgAdmin host during the restore operation.
CVE-2026-1707
pgAdmin versions 9.11 are affected by a Restore restriction bypass via ...
GHSA-3p7x-94q9-jq9x
pgadmin4 affected by a Restore restriction bypass via key disclosure vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-1707 pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. An attacker with access to the pgAdmin web interface can observe an active restore operation, extract the `\restrict` key in real time, and race the restore process by overwriting the restore script with a payload that re-enables meta-commands using `\unrestrict <key>`. This results in reliable command execution on the pgAdmin host during the restore operation. | CVSS3: 7.4 | 0% Низкий | 3 дня назад |
| CVE-2026-1707 pgAdmin versions 9.11 are affected by a Restore restriction bypass via ... | CVSS3: 7.4 | 0% Низкий | 3 дня назад |
| GHSA-3p7x-94q9-jq9x pgadmin4 affected by a Restore restriction bypass via key disclosure vulnerability | CVSS3: 7.4 | 0% Низкий | 3 дня назад |
Уязвимостей на страницу