#pgAdmin: Critical pgAdmin #RCE Vulnerability CVE-2025-2945 (CVSS score 9.9) Let Attackers Execute Remote Code - untrusted user input is passed directly to Python’s eval() function 🤦:
👇
https://cybersecuritynews.com/critical-pgadmin-vulnerability/
Sam Stepanyan :verified: 🐘 /
npub18d…rltg5
2025-04-08 21:18:52
Author Public Key
npub18d0arwv295u03fd825dvn5eharfx25rtrkemffxnar9dzn82drtssrltg5Published at
2025-04-08 21:18:52Event JSON
{
"id": "c43e6272ad92c80d8087819be9e995ff0259996bd18be641a73c12e6c88ee4df",
"pubkey": "3b5fd1b98a2d38f8a5a7551ac9d337e8d265506b1db3b4a4d3e8cad14cea68d7",
"created_at": 1744147132,
"kind": 1,
"tags": [
[
"t",
"pgadmin"
],
[
"t",
"rce"
],
[
"proxy",
"https://infosec.exchange/users/securestep9/statuses/114304426464346725",
"activitypub"
],
[
"client",
"Mostr",
"31990:6be38f8c63df7dbf84db7ec4a6e6fbbd8d19dca3b980efad18585c46f04b26f9:mostr",
"wss://relay.mostr.pub"
]
],
"content": "#pgAdmin: Critical pgAdmin #RCE Vulnerability CVE-2025-2945 (CVSS score 9.9) Let Attackers Execute Remote Code - untrusted user input is passed directly to Python’s eval() function 🤦: \n👇\nhttps://cybersecuritynews.com/critical-pgadmin-vulnerability/",
"sig": "7dbee7d7301e9133bebd4eac2a3903d6be4ddc5efe460f6cbac1b8d96051b577ed2c9cbd5c707d86f1b3d6eb08f2aebcd6e5e620ea6dd9890c7fb561ff66bbe2"
}