CVE-2026-7819
Published: 11 May 2026
Summary
CVE-2026-7819 is a high-severity UNIX Symbolic Link (Symlink) Following (CWE-61) vulnerability in Pgadmin Pgadmin 4. Its CVSS base score is 7.2 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 27.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-29087
Vulnerability details
Symbolic-link path traversal (CWE-61, CWE-22) in pgAdmin 4 File Manager. check_access_permission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own…
more
storage directory pointing outside it and induce pgAdmin to write to any path reachable by the pgAdmin process. Fix switches the access check to os.path.realpath for both source and destination, and adds an _open_upload_target helper that opens the target with O_NOFOLLOW (mode 0o600) to close the leaf-component TOCTOU between the access check and the open. File mode is hardened from 0o644 to 0o600. This issue affects pgAdmin 4: before 9.15.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Path traversal + arbitrary file write in pgAdmin web file manager directly enables exploitation of a public-facing application and deployment of web shells or other server components.
CVEs Like This One
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.