Cyber Resilience

CVE-2026-7819

High

Published: 11 May 2026
Modified: 26 May 2026
KEV Added
Patch
CVSS v4.0 score: 7.2 (vector CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS score: 0.0036 (27.9th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-7819 is a high-severity UNIX Symbolic Link (Symlink) Following (CWE-61) vulnerability in Pgadmin Pgadmin 4. Its CVSS base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks it at the 27.9th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

Vulnerability details

Symbolic-link path traversal (CWE-61, CWE-22) in the pgAdmin 4 File Manager. check_access_permission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write does follow symlinks. An authenticated user could therefore plant a symbolic link inside their own storage directory that points outside it and induce pgAdmin to write to any path reachable by the pgAdmin process. The fix switches the access check to os.path.realpath for both source and destination, and adds an _open_upload_target helper that opens the target with O_NOFOLLOW (mode 0o600) to close the leaf-component TOCTOU window between the access check and the open. The file mode is hardened from 0o644 to 0o600. This issue affects pgAdmin 4 before 9.15.
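To make the difference between the two checks concrete, here is an added Python example (not pgAdmin's own code; the function names, the temporary-directory layout and a POSIX host are assumptions). It plants a directory symlink and a file symlink inside a constructed storage directory, shows that an abspath-based check accepts a path that escapes through the directory link while a realpath-based check rejects it, and opens the leaf with O_NOFOLLOW so a symlink at the leaf is refused by the kernel.

```python
import errno
import os
import tempfile


def check_access_abspath(storage_dir: str, path: str) -> bool:
    """Weak check: abspath() collapses '..' but leaves symlinks unresolved."""
    root = os.path.abspath(storage_dir)
    return os.path.abspath(path).startswith(root + os.sep)


def check_access_realpath(storage_dir: str, path: str) -> bool:
    """Hardened check: realpath() resolves every symlinked directory component."""
    root = os.path.realpath(storage_dir)
    return os.path.realpath(path).startswith(root + os.sep)


def open_upload_target(path: str, mode: int = 0o600):
    """Open the leaf with O_NOFOLLOW: a symlink swapped in after the check is
    refused by the kernel (ELOOP on Linux, EMLINK on some BSDs). Directory
    components are still followed, which is why the realpath check is needed too."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_NOFOLLOW, mode)
    return os.fdopen(fd, "wb")


def demo() -> tuple:
    """Constructed scenario (assumed layout): storage/escape -> outside (a
    directory symlink) and storage/leaf -> outside/victim.txt (a file symlink)."""
    with tempfile.TemporaryDirectory() as tmp:
        storage = os.path.join(tmp, "storage")
        outside = os.path.join(tmp, "outside")
        os.mkdir(storage)
        os.mkdir(outside)
        os.symlink(outside, os.path.join(storage, "escape"))
        os.symlink(os.path.join(outside, "victim.txt"), os.path.join(storage, "leaf"))

        via_dir_link = os.path.join(storage, "escape", "upload.txt")
        weak_allows = check_access_abspath(storage, via_dir_link)      # True: escape not seen
        strong_allows = check_access_realpath(storage, via_dir_link)   # False: resolves outside

        try:
            open_upload_target(os.path.join(storage, "leaf"))
            nofollow_blocked = False
        except OSError as exc:
            nofollow_blocked = exc.errno in (errno.ELOOP, errno.EMLINK)

        with open_upload_target(os.path.join(storage, "ok.txt")) as fh:
            fh.write(b"regular upload")
        honest_ok = (os.stat(os.path.join(storage, "ok.txt")).st_mode & 0o777) == 0o600
        return weak_allows, strong_allows, nofollow_blocked, honest_ok
```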

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1505.003 Web Shell (Persistence): Adversaries may backdoor web servers with web shells to establish persistent access to systems.
Why these techniques?

Path traversal + arbitrary file write in pgAdmin web file manager directly enables exploitation of a public-facing application and deployment of web shells or other server components.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-12762: same product (Pgadmin Pgadmin 4)
CVE-2025-13780: same product (Pgadmin Pgadmin 4)
CVE-2026-7816: same product (Pgadmin Pgadmin 4)
CVE-2026-1707: same product (Pgadmin Pgadmin 4)
CVE-2026-7815: same product (Pgadmin Pgadmin 4)
CVE-2026-7813: same product (Pgadmin Pgadmin 4)
CVE-2023-1907: same vendor (Pgadmin)
CVE-2025-0218: same vendor (Pgadmin)
CVE-2026-35525: shared CWE-61
CVE-2026-24018: shared CWE-61

Affected Assets

pgadmin / pgadmin 4, versions ≤ 9.15

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
