Description

pgAdmin <= 9.7 is affected by a Cross-Origin Opener Policy (COOP) vulnerability. This vulnerability allows an attacker to manipulate the OAuth flow, potentially leading to unauthorised account access, account takeover, data breaches, and privilege escalation.

PUBLISHED | Reserved 2025-08-28 | Published 2025-09-04 | Updated 2025-09-05 | Assigner PostgreSQL

HIGH: 7.9 | CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L

Product status

Default status: affected

Any version before 9.8: affected

References

github.com/pgadmin-org/pgadmin4/issues/9114 (issue-tracking)

cve.org (CVE-2025-9636)

nvd.nist.gov (CVE-2025-9636)
