Alerts This Week
Warning Icon 1 1,020
Alerts This Week
Warning Icon 1 1,020

Fedora 44 pgAdmin 4 Critical SQL Injection Remote Code Exec 2026-c248414214

fedora
Calendar Grey June 27, 2026
Dist Fedora Esm H88
Discover critical updates for Fedora 44's pgAdmin 4 addressing multiple security flaws including SQL injection and remote code execution.
Update to pgadmin-9.16.

Summary

pgAdmin is the most popular and feature rich Open Source administration and development

platform for PostgreSQL, the most advanced Open Source database in the world.

Update Information:

Update to pgadmin-9.16.

Topics%20covered

Topics Covered

security advisory SQL Injection fedora critical remote code execution pgadmin4

Change Log

* Fri Jun 19 2026 Filipe Rosset - 9.16-1 - Update to 9.16 + spec cleanup and modernization

References


[ 1 ] Bug #2490658 - CVE-2026-12049 pgadmin4: pgAdmin 4: Open redirect vulnerability in multi-factor authentication can lead to phishing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490658 [ 2 ] Bug #2490659 - CVE-2026-12050 pgadmin4: pgAdmin 4: Arbitrary SQL execution via SQL injection in restore point endpoint [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490659 [ 3 ] Bug #2490661 - CVE-2026-12044 pgadmin4: pgAdmin 4: Arbitrary code execution via SQL injection [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490661 [ 4 ] Bug #2490662 - CVE-2026-12047 pgadmin4: pgAdmin 4: HTML injection via unsanitized SDK exception messages in cloud deployment module [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490662 [ 5 ] Bug #2490663 - CVE-2026-12045 pgadmin4: pgAdmin 4: Remote code execution via prompt injection in AI Assistant [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=24906...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-c248414214' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: pgadmin4
Product: Fedora 44
Version: 9.16
Release: 1.fc44
URL: https://www.pgadmin.org/
Summary: Administration tool for PostgreSQL

Topics%20covered

Topics Covered

security advisory SQL Injection fedora critical remote code execution pgadmin4

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here