CVE ID :CVE-2026-12044 Published : June 18, 2026, 11:37 p.m. | 1 hour, 32 minutes ago Description :SQL injection in pgAdmin 4 across every dialog template that renders ``COMMENT ON ... IS ''`` for a user-supplied description field. The Jinja templates for Domains (and their constraints),...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-12044 - pgAdmin 4: SQL injection in COMMENT ON ... IS '<description>' rendering across dialog templates

VERWANDTEARTIKEL

CVE-2026-40624 - AVer PTC cameras Files or Directories Accessible to External Parties

CVE-2026-12048 - pgAdmin 4: Stored XSS via untrusted error and plan-node text rendered through html-react-parser

CVE-2026-12046 - pgAdmin 4: Unauthenticated pickle deserialization in SQL Editor close / update_connection routes enables remote code execution

CVE-2026-12045 - pgAdmin 4: AI Assistant read-only transaction bypass allows unauthorised writes and remote code execution

Kritische SQL-Injection in PIAF-HMS: Unauthentifizierte Angriffe auf Hotel-Management-Daten möglich

CVE-2026-56078 - PraisonAI - Arbitrary File Read and Write via Path Traversal in MultiAgentMonitor