Emergency Security Bulletin: pgAdmin 4 Remote Code Execution Vulnerability


By: RedLegg's Cyber Threat Intelligence Team

RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats that we classify at the highest severity level and that warrant out-of-band emergency patching or mitigation.

VULNERABILITIES:

Critical Vulnerability Affecting pgAdmin 4, An Administration & Management Tool for PostgreSQL Databases

CVSS Score: 9.9 (Critical)
Identifier: CVE-2025-2945
Exploit or Proof of Concept (PoC): Yes, active exploitation of this vulnerability has been observed in the wild.
Update: CVE-2025-2945 –  pgAdmin Security Advisory

Description: CVE-2025-2945 is a critical remote code execution vulnerability affecting pgAdmin 4, a widely used open-source administration and management tool for PostgreSQL databases. The flaw exists in versions prior to 9.2 and stems from unsafe use of Python's eval() on user-supplied request parameters in the Query Tool (SQL download) and Cloud Deployment components. Because the parameters are evaluated as Python rather than parsed as the simple values they are meant to carry, a low-privileged authenticated user can submit Python expressions that run inside the pgAdmin server process, potentially resulting in full compromise of the host running pgAdmin.
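To make the bug class concrete, the following is an added illustration written for this bulletin; it is not pgAdmin's code and does not reproduce the exact affected handlers. It assumes a hypothetical request flag that should only ever be "true" or "false", and shows the vulnerable eval() pattern beside two safer parsers. The sample inputs are constructed; the "malicious" value is a harmless stand-in for the kind of expression an attacker would submit.

```python
import ast

# Constructed sample request parameters (not taken from pgAdmin or the advisory).
# A boolean flag arriving as a string is the kind of value that was passed to eval().
BENIGN_INPUT = "True"
# Stand-in payload: eval() executes it as Python. An attacker would call
# os.system() or spawn a shell here instead of this harmless platform lookup.
MALICIOUS_INPUT = "__import__('platform').system()"


def vulnerable_parse_flag(raw: str):
    """Unsafe pattern: the request parameter is handed straight to eval().

    Whoever controls `raw` gets arbitrary code execution in the server
    process. This is the bug class behind CVE-2025-2945 (deliberately
    vulnerable, for illustration only).
    """
    return eval(raw)


def literal_eval_parse_flag(raw: str):
    """Partial hardening: ast.literal_eval accepts only Python literals, so
    calls, attribute access and imports raise ValueError. It still accepts
    non-boolean literals (numbers, lists, ...), so on its own it is not a
    complete validator for a boolean flag."""
    return ast.literal_eval(raw)


def hardened_parse_flag(raw: str) -> bool:
    """Preferred fix: an explicit allow-list of the two values the flag may
    take. Nothing is executed; anything else is rejected with an error."""
    table = {"true": True, "false": False}
    try:
        return table[raw.strip().lower()]
    except KeyError:
        raise ValueError(f"invalid boolean parameter: {raw!r}") from None


def demo():
    """Run each parser against both inputs; return {(parser, input): outcome}."""
    results = {}
    parsers = [("eval", vulnerable_parse_flag),
               ("literal_eval", literal_eval_parse_flag),
               ("allow_list", hardened_parse_flag)]
    for name, fn in parsers:
        for label, value in [("benign", BENIGN_INPUT), ("malicious", MALICIOUS_INPUT)]:
            try:
                results[(name, label)] = ("ok", fn(value))
            except (ValueError, SyntaxError) as exc:
                results[(name, label)] = ("rejected", type(exc).__name__)
    return results


if __name__ == "__main__":
    for key, outcome in demo().items():
        print(key, outcome)
```

Running it shows that eval() happily executes the "malicious" string and returns the result of the embedded call, while both ast.literal_eval and the allow-list parser reject it. When reviewing your own Flask or Django code for the same pattern, search for eval() and exec() applied to anything derived from request.args, request.form or request.json, and replace them with type-specific parsing as shown in hardened_parse_flag.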

Mitigation Recommendation: Organizations using pgAdmin 4 should upgrade immediately to version 9.2 or later, which contains a fix for this vulnerability. Until the update can be applied, restrict network access to the application (for example, VPN or IP allow-listing in front of pgAdmin server mode), monitor its logs for unexpected activity, and review who holds pgAdmin accounts, since exploitation requires a valid login. Note that desktop-mode installations running on an administrator's workstation are also affected and should be updated.

Note: Given the active exploitation of this vulnerability and its critical nature, immediate action is essential to protect affected systems from potential compromise.