PT-2026-50812 · Pgadmin.Org · Pgadmin 4

Published: 2026-06-18 · Updated: 2026-06-19 · CVE-2026-12046

CVSS v3.1: 9.0 Critical

Vector: AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: pgAdmin 4 versions 6.9 through 9.15

Description: In server mode, two state-mutating endpoints in the SQL Editor blueprint, DELETE /sqleditor/close/ and POST /sqleditor/initialize/sqleditor/update_connection///, lack the @pga_login_required authentication decorator. Unauthenticated requests can therefore reach a pickle.loads sink (Python object deserialization) through the close_sqleditor_session() and check_transaction_status() functions; the value deserialized is the gridData entry of the server-side session data. Unauthenticated access to the deserialization path is not sufficient on its own for code execution: to forge a malicious session file the attacker must also hold the Flask SECRET_KEY and have write access to the sessions/ directory on the host, which is why the vector carries AC:H despite PR:N. If both conditions are met, the attacker can execute arbitrary code under the account running pgAdmin, leading to host compromise and theft of the database credentials it stores.

Recommendations: Update pgAdmin 4 to version 9.16.
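The route-decorator pattern the description refers to, as an added example that is not pgAdmin's code: a stdlib-only stand-in for a Flask blueprint (the Blueprint class, Unauthorized, SESSION_STORE and every route and function name below are constructed for illustration) showing the vulnerable form of a session-closing handler (no login decorator, pickle.loads on stored session data) beside the hardened form (decorator present, JSON), and an audit that lists state-mutating routes whose view lacks the marker the decorator stamps on it. On a real Flask app the same audit walks app.url_map.iter_rules() and looks each rule up in app.view_functions.

```python
"""Constructed stand-in for the Flask blueprint pattern; not pgAdmin's code."""
import functools
import json
import pickle

MUTATING_METHODS = {"POST", "PUT", "PATCH", "DELETE"}


class Unauthorized(Exception):
    """Stands in for Flask's abort(401)."""


class Blueprint:
    """Minimal route table: (method, rule) -> view function."""

    def __init__(self, prefix):
        self.prefix = prefix
        self.routes = {}

    def route(self, rule, methods=("GET",)):
        def register(view):
            for method in methods:
                self.routes[(method, self.prefix + rule)] = view
            return view
        return register

    def dispatch(self, method, rule, request):
        """Call the registered view; map Unauthorized to an HTTP 401."""
        view = self.routes[(method, rule)]
        try:
            return view(request)
        except Unauthorized:
            return 401


def login_required(view):
    """Reject unauthenticated callers and tag the view so an audit can find it."""
    @functools.wraps(view)
    def wrapped(request):
        if not request.get("user_id"):
            raise Unauthorized()
        return view(request)
    wrapped.login_required = True  # marker checked by unprotected_mutating_routes()
    return wrapped


# trans_id -> serialised gridData; stand-in for the per-session files on disk
SESSION_STORE = {}

bp = Blueprint("/sqleditor")


@bp.route("/close/<trans_id>", methods=("DELETE",))
def close_session_vulnerable(request):
    """Vulnerable form: no login decorator, and the stored entry is pickled."""
    grid = SESSION_STORE.pop(request["trans_id"], None)
    if grid is not None:
        pickle.loads(grid)  # sink: anyone who controls these bytes controls what runs
    return 204


@bp.route("/close_fixed/<trans_id>", methods=("DELETE",))
@login_required
def close_session_fixed(request):
    """Hardened form: authentication enforced, data-only serialisation."""
    grid = SESSION_STORE.pop(request["trans_id"], None)
    if grid is not None:
        json.loads(grid)  # no code runs while decoding JSON
    return 204


@bp.route("/status/<trans_id>", methods=("GET",))
@login_required
def transaction_status(request):
    return 200


def seed_constructed_sessions():
    """Populate the store with constructed entries: 1 pickled, 2 as JSON."""
    SESSION_STORE[1] = pickle.dumps({"rows": []})
    SESSION_STORE[2] = json.dumps({"rows": []})
    return sorted(SESSION_STORE)


def unprotected_mutating_routes(blueprint):
    """(method, rule) pairs that change state but whose view lacks the marker."""
    return sorted(
        (method, rule)
        for (method, rule), view in blueprint.routes.items()
        if method in MUTATING_METHODS and not getattr(view, "login_required", False)
    )


def probe(blueprint, method, rule, trans_id, user_id=None):
    """Dispatch one request; user_id=None models an unauthenticated caller."""
    return blueprint.dispatch(method, rule, {"trans_id": trans_id, "user_id": user_id})


if __name__ == "__main__":
    seed_constructed_sessions()
    for method, rule in unprotected_mutating_routes(bp):
        print("unprotected:", method, rule)
    print(probe(bp, "DELETE", "/sqleditor/close/<trans_id>", 1))
    print(probe(bp, "DELETE", "/sqleditor/close_fixed/<trans_id>", 2))
```

The audit only finds decorators that stamp the views they wrap, so apply it to the decorator your codebase actually uses. The second precondition in the description, write access to sessions/, is a host check rather than a code check: confirm the directory is owned by, and writable only by, the account that runs pgAdmin.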

Fix

RCE

Deserialization of Untrusted Data

Missing Authentication


Weakness Enumeration

Related Identifiers

CVE-2026-12046

Affected Products

Pgadmin 4