2437115 – (CVE-2026-1707) CVE-2026-1707 pgadmin4: restore restriction bypass via key disclosure vulnerability

Bug 2437115 (CVE-2026-1707) - CVE-2026-1707 pgadmin4: restore restriction bypass via key disclosure vulnerability

Summary: CVE-2026-1707 pgadmin4: restore restriction bypass via key disclosure vulnera...

Keywords:
Status:	NEW
Alias:	CVE-2026-1707
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2437176 2437177
Blocks:
TreeView+	depends on / blocked

Reported:	2026-02-05 18:02 UTC by OSIDB Bzimport
Modified:	2026-02-05 20:33 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-02-05 18:02:07 UTC

pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. An attacker with access to the pgAdmin web interface can observe an active restore operation, extract the `\restrict` key in real time, and race the restore process by overwriting the restore script with a payload that re-enables meta-commands using `\unrestrict <key>`. This results in reliable command execution on the pgAdmin host during the restore operation.

Note You need to log in before you can comment on or make changes to this bug.