Security Advisory - Published 2026-06-19 - PostgreSQL Admin Tool

pgAdmin 4 CVEs: upgrade to 9.16, then review connected database roles

The June 19 pgAdmin 4 batch covers SQL rendering, AI Assistant query controls, and user-interface rendering paths. The repair decision depends on how pgAdmin is deployed, which database roles it stores, and whether AI Assistant is enabled.

Defensive scope: this guide is for administrators reviewing their own pgAdmin deployments. It does not include SQL examples for reproducing the issues.

Affected items

CVE            | Area                                                   | Affected         | Review                                                                 | CVSS
CVE-2026-12045 | pgAdmin 4 - AI Assistant SQL safety bypass             | 9.13 before 9.16 | AI Assistant use, database role privileges, and pgAdmin logs           | 9.4
CVE-2026-12048 | pgAdmin 4 - stored XSS in error and plan rendering     | 6.0 before 9.16  | connected server names, object names, and user browser sessions        | 9.3
CVE-2026-12044 | pgAdmin 4 - SQL injection in dialog template rendering | 1.0 before 9.16  | object descriptions, database role permissions, and pgAdmin activity   | 8.8

Owner self-check

docker images | egrep 'pgadmin|dpage'
docker ps | egrep 'pgadmin|5050'
python -m pip show pgadmin4 2>/dev/null
grep -Rni -E 'PGADMIN|AI_ASSISTANT|SERVER_MODE' /var/lib/pgadmin /etc/pgadmin 2>/dev/null
find /var/log /var/lib/pgadmin -type f -mtime -7 2>/dev/null | egrep 'pgadmin|postgres|server'

What to review

  • pgAdmin version. Treat anything before 9.16 as needing urgent update.
  • Whether AI Assistant is enabled and which PostgreSQL roles it can use.
  • Saved server connections that use superuser, owner, or broad administrative roles.
  • Recent object description changes, dialog edits, connection errors, and unusual pgAdmin browser activity.
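An added review helper, not code from the advisory or the pgAdmin project: it applies the affected ranges from the table above to a detected version string and flags saved connections that use broad roles. The pgadmin4.db "server" table layout and the BROAD_ROLES list are assumptions; adjust the role names to your own databases.

```python
import re
import sqlite3

# Affected ranges from the advisory table: (CVE, first affected, fixed in).
ADVISORY = (
    ("CVE-2026-12045", (9, 13), (9, 16)),
    ("CVE-2026-12048", (6, 0), (9, 16)),
    ("CVE-2026-12044", (1, 0), (9, 16)),
)

# Assumed set of "broad" role names; extend with your own owner/admin roles.
BROAD_ROLES = {"postgres", "rdsadmin", "admin"}


def parse_version(text: str) -> tuple:
    """Pull a major.minor pair out of 'pip show' or image-tag style text."""
    m = re.search(r"(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    return int(m.group(1)), int(m.group(2))


def affected_cves(version: tuple) -> list:
    """Return the advisory CVEs whose affected range contains this version."""
    return [cve for cve, first, fixed in ADVISORY if first <= version < fixed]


def flag_broad_connections(servers) -> list:
    """servers: (name, host, username) rows; return those using a broad role."""
    return [s for s in servers if s[2].lower() in BROAD_ROLES]


def load_saved_servers(db_path: str) -> list:
    """Read saved connections from pgadmin4.db (assumed 'server' table layout)."""
    with sqlite3.connect(db_path) as conn:
        return conn.execute("SELECT name, host, username FROM server").fetchall()


def review(version_text: str, servers) -> dict:
    version = parse_version(version_text)
    return {
        "version": version,
        "needs_upgrade": version < (9, 16),
        "cves": affected_cves(version),
        "broad_connections": flag_broad_connections(servers),
    }


if __name__ == "__main__":
    # Constructed sample input, not taken from a real deployment.
    sample_pip = "Name: pgadmin4\nVersion: 9.14"
    sample_servers = [("prod", "db.internal", "postgres"), ("ro", "db.internal", "report_ro")]
    print(review(sample_pip, sample_servers))
```

In a real deployment, pass the output of `python -m pip show pgadmin4` (or the image tag) as the version text and `load_saved_servers("/var/lib/pgadmin/pgadmin4.db")` as the connection rows.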

Safe fix path

  1. Upgrade pgAdmin 4 to 9.16 or newer.
  2. Disable AI Assistant until the patch is deployed and reviewed.
  3. Move saved connections away from superuser roles where possible.
  4. Rotate pgAdmin credentials and database passwords if logs show unexpected activity.

Repair help

Use Ping7 CVE Repair when pgAdmin used broad database roles, AI Assistant was enabled, browser sessions behaved strangely, or database objects changed around the advisory window.
