ZeroPath at Black Hat USA 2026

Brief Summary: pgAdmin 4 CVE-2026-7815 SQL Injection in Maintenance Tool Enables OS Command Execution

A short review of CVE-2026-7815, a high severity SQL injection in pgAdmin 4's Maintenance Tool that allows authenticated users to escalate from SQL injection to operating system command execution on the database host via COPY TO PROGRAM.

CVE Analysis

5 min read

ZeroPath CVE Analysis
ZeroPath CVE Analysis

2026-05-11

Brief Summary: pgAdmin 4 CVE-2026-7815 SQL Injection in Maintenance Tool Enables OS Command Execution
Experimental AI-Generated Content

This CVE analysis is an experimental publication that is completely AI-generated. The content may contain errors or inaccuracies and is subject to change as more information becomes available. We are continuously refining our process.

If you have feedback, questions, or notice any errors, please reach out to us.

[email protected]

Introduction

A SQL injection flaw in pgAdmin 4's Maintenance Tool allows an authenticated user to pivot from a simple parameter injection into full operating system command execution on the database host. For organizations relying on pgAdmin as their primary PostgreSQL management interface, this vulnerability (scored CVSS 8.8) represents a direct path from a web application compromise to control of the underlying server.

pgAdmin is the most popular and feature rich open source administration and development platform for PostgreSQL. It serves as the default graphical management tool for PostgreSQL deployments across enterprises, cloud environments, and development teams worldwide. Given its role as the primary administrative interface for one of the most widely deployed open source databases, security issues in pgAdmin have outsized impact.

Technical Information

The root cause of CVE-2026-7815 lies in the pgAdmin 4 Maintenance Tool's construction of SQL commands for VACUUM, ANALYZE, and REINDEX operations. Four user supplied JSON fields are concatenated directly into the rendered command string and passed to psql --command without sanitization or validation:

Vulnerable JSON FieldAffected Commands
buffer_usage_limitVACUUM, ANALYZE, REINDEX
vacuum_parallelVACUUM, ANALYZE, REINDEX
vacuum_index_cleanupVACUUM, ANALYZE, REINDEX
reindex_tablespaceVACUUM, ANALYZE, REINDEX

When a maintenance operation is triggered through the pgAdmin web interface, the backend takes the values from these JSON fields and embeds them directly into the SQL command string. There is no allow listing, no parameterized construction, and (in the case of reindex_tablespace) only manual quoting that can be bypassed.

Attack Flow

The exploitation chain works as follows:

  1. Authentication: The attacker authenticates to the pgAdmin 4 web interface. They must hold the tools_maintenance permission, which grants access to the Maintenance Tool.

  2. Payload Delivery: The attacker initiates a maintenance operation (for example, a VACUUM) and supplies a crafted value in one of the four vulnerable JSON fields. The payload is designed to break out of the expected option syntax.

  3. Command Construction: The pgAdmin backend concatenates the attacker controlled value directly into the SQL command string without validation.

  4. Execution via psql: The constructed command is passed to psql --command for execution against the connected PostgreSQL server. The injected SQL executes with the privileges of the active database connection.

  5. OS Command Escalation: To escalate beyond database level access, the attacker leverages PostgreSQL's COPY ... TO PROGRAM statement. This built in PostgreSQL feature (available to superusers) allows execution of arbitrary operating system commands on the database host, running with the privileges of the PostgreSQL service account.

The COPY ... TO PROGRAM escalation path is well documented and requires no novel techniques. If the pgAdmin connection uses a superuser role, which is common in administrative deployments, the path from SQL injection to full OS command execution is direct.

The CVSS 3.1 vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The low attack complexity and lack of required user interaction, combined with high impact across all three CIA triad dimensions, justify the 8.8 score.

Fix Details

The vendor remediation in version 9.15 (commit cf53953d9) addresses the issue through two changes:

  1. Server side allow listing for all four vulnerable JSON fields, ensuring only expected values pass through.
  2. Replacing manual quoting of reindex_tablespace with the qtIdent filter, which provides proper PostgreSQL identifier escaping.

Affected Systems and Versions

The vulnerability affects pgAdmin 4 versions from 7.6 up to (but not including) 9.15. Any deployment running a version in this range with the Maintenance Tool accessible to users holding the tools_maintenance permission is vulnerable.

The fixed version is pgAdmin 4 9.15.

Vendor Security History

pgAdmin has exhibited a pattern of command execution vulnerabilities in its operational tooling:

CVE IdentifierAffected VersionVulnerability TypeImpact
CVE-2026-78157.6 to before 9.15SQL InjectionOS Command Execution via COPY TO PROGRAM
CVE-2026-17079.11Restore Restriction BypassCommand execution during restore operations

CVE-2026-1707 allowed attackers with web interface access to extract a restriction key and overwrite restore scripts, resulting in reliable command execution on the pgAdmin host. The recurrence of command execution risks in pgAdmin's administrative tooling highlights the importance of treating pgAdmin instances as high value targets and applying updates promptly.

References

Detect & fix
what others miss

Works with
  • GitHub
  • GitLab
  • Bitbucket
  • Azure DevOps Services
  • Jira
  • Linear
  • Slack
  • Security Compass
Security magnifying glass visualization