
We found results for “”
CVE-2025-9636
Good to know:

Date: September 4, 2025
pgAdmin <= 9.7 is affected by a Cross-Origin Opener Policy (COOP) vulnerability. This vulnerability allows an attacker to manipulate the OAuth flow, potentially leading to unauthorised account access, account takeover, data breaches, and privilege escalation.
Severity Score
Related Resources (5)
Severity Score
Weakness Type (CWE)
Origin Validation Error
CWE-346Top Fix

Upgrade Version
Upgrade to version pgadmin4 - 9.8;pgadmin4-python - null;https://github.com/pgadmin-org/pgadmin4.git - REL-9_8
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |