pgAdmin 4 Path Traversal (CVE-2026-7819) Allows Arbitrary File Writes

/HIGH /CVSS 8.1/10
Written by SCW Vulnerability Desk Vulnerability Intelligence
SCW vulnerabilitycvehigh-severitypath-traversal
pgAdmin 4 Path Traversal (CVE-2026-7819) Allows Arbitrary File Writes

The National Vulnerability Database (NVD) has detailed CVE-2026-7819, a high-severity symbolic-link path traversal vulnerability in pgAdmin 4’s File Manager. This flaw, rated 8.1 CVSS, allows an authenticated attacker to write to arbitrary paths on the server. The issue stems from an incomplete access check that used os.path.abspath, which correctly resolves .. (parent directory traversal) but fails to resolve symbolic links.

An attacker could plant a symbolic link within their own storage directory. This link, pointing outside the intended directory, would then be followed by the kernel during a subsequent write operation initiated by pgAdmin. This effectively allows the attacker to trick pgAdmin into writing to any path reachable by the pgAdmin process, bypassing security controls.

The fix, according to the NVD, involves switching the access check to os.path.realpath for both source and destination paths. Additionally, a new helper function, _open_upload_target, opens the target with O_NOFOLLOW and hardens the file mode from 0o644 to 0o600. This closes a critical Time-of-Check-Time-of-Use (TOCTOU) window between the access check and the actual file open operation. The vulnerability affects pgAdmin 4 versions prior to 9.15.

What This Means For You

  • If your organization uses pgAdmin 4, you are exposed. This isn't just a data leak; it's arbitrary file write, which is a direct path to code execution and full system compromise. Patch immediately to version 9.15 or later. Audit your pgAdmin server for any suspicious file modifications or unexpected symlinks in user directories.

Indicators of Compromise

IDTypeIndicator
CVE-2026-7819 Path Traversal pgAdmin 4 File Manager
CVE-2026-7819 Path Traversal pgAdmin 4 versions before 9.15
CVE-2026-7819 Path Traversal CWE-61
CVE-2026-7819 Path Traversal CWE-22

Written by SCW Vulnerability Desk

🔎
Check for pgAdmin vulnerabilities Use /brief to get a summary of critical vulnerabilities and their impact.
Open Intel Bot →
Source & Attribution
Source PlatformNVD
ChannelNational Vulnerability Database
PublishedMay 11, 2026 at 19:17 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.

Believe this infringes your rights? Submit a takedown request.

Related coverage

OpenClaw Improper Authentication: CVE-2026-8305 Publicly Exploitable

CVE-2026-8305 — A vulnerability was detected in OpenClaw up to 2026.1.24. The impacted element is the function handleBlueBubblesWebhookRequest of the file extensions/bluebubbles/src/monitor.ts of the component...

vulnerabilityCVEhigh-severitycwe-287
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 2 Sigma

OpenClaw Improper Access Control Bypasses Denylist, Allows Persistent Malicious Configs

CVE-2026-45006 — OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's config.apply and config.patch operations that allows compromised models to write...

vulnerabilityCVEhigh-severityimproper-access-controlcwe-184
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

OpenClaw RCE: Arbitrary Code Execution via Plugin Setup Resolver

CVE-2026-45004 — OpenClaw before 2026.4.23 contains an arbitrary code execution vulnerability in the bundled plugin setup resolver that loads setup-api.js from process.cwd() during provider setup...

vulnerabilityCVEhigh-severitycode-executioncwe-427
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 5 IOCs /⚙ 3 Sigma