
A newly disclosed flaw in pgAdmin allows attackers to tamper with the OAuth/SSO login flow, which can lead to unauthorised account access and takeover. The issue is tracked as CVE-2025-9636 and impacts pgAdmin versions ≤ 9.7. The project has released pgAdmin 9.8 with a fix; update immediately if your instance uses Google/GitHub/Azure AD sign-in.
What’s the risk?
Because of a Cross-Origin Opener Policy (COOP) weakness, a malicious site can interfere with the OAuth popup/window during sign-in, potentially hijacking the session and granting access to your pgAdmin account. Severity is High (CVSS 7.9).
Who’s affected?
- Teams running pgAdmin ≤ 9.7
- Deployments with OAuth/SSO enabled
- Instances accessible beyond a trusted network (e.g., public internet)
What to do now
- Upgrade to pgAdmin 9.8 (the release notes call out the COOP/OAuth fix for CVE-2025-9636).
- Verify the version: Help → About should show 9.8.
- If you can’t patch today (temporary only):
  - Disable OAuth/SSO and use local auth
  - Restrict access (VPN, IP allow-lists, or an identity-aware proxy)
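The two checks above (release on or after 9.8, and a login page that actually isolates itself from a cross-origin opener) can be scripted for an inventory sweep. The block below is an added example, not pgAdmin project code; it assumes the version string is what Help → About shows, and the sample responses are constructed, since the advisory does not state which COOP value 9.8 sets.

```python
"""Defender-side checks for the pgAdmin COOP/OAuth issue (CVE-2025-9636)."""
from typing import Mapping

FIXED_VERSION = (9, 8)  # pgAdmin 9.8 ships the fix, per the advisory above

# COOP values that cut the opener's reference to a cross-origin window.
# A missing header or "unsafe-none" leaves the login window reachable by
# whatever page opened it.
ISOLATING_COOP = {"same-origin", "same-origin-allow-popups"}


def parse_version(text: str) -> tuple:
    """Turn a Help -> About string such as "9.7" or "9.8.0" into an int tuple."""
    return tuple(int(p) for p in text.strip().lstrip("v").split("."))


def is_affected(version: str) -> bool:
    """True for pgAdmin <= 9.7, the range the advisory names."""
    return parse_version(version)[:2] < FIXED_VERSION


def coop_status(headers: Mapping[str, str]) -> str:
    """Classify the Cross-Origin-Opener-Policy header of one HTTP response.

    Header names match case-insensitively; a trailing report-to parameter
    ("same-origin; report-to=...") is ignored when comparing the policy.
    """
    value = next((v for k, v in headers.items()
                  if k.lower() == "cross-origin-opener-policy"), None)
    if value is None:
        return "missing"
    policy = value.split(";", 1)[0].strip().lower()
    return "isolating" if policy in ISOLATING_COOP else "weak"


def needs_action(version: str, headers: Mapping[str, str]) -> bool:
    """Flag an instance on a vulnerable release or still serving its login
    page without an isolating COOP header."""
    return is_affected(version) or coop_status(headers) != "isolating"


# Constructed sample responses (hypothetical, not captured from a deployment).
SAMPLES = {
    "unpatched": ("9.7", {"Content-Type": "text/html"}),
    "patched": ("9.8", {"Content-Type": "text/html",
                        "Cross-Origin-Opener-Policy": "same-origin-allow-popups"}),
}

if __name__ == "__main__":
    for name, (ver, hdrs) in SAMPLES.items():
        print(f"{name}: version={ver} coop={coop_status(hdrs)} "
              f"action_needed={needs_action(ver, hdrs)}")
```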
External reference
- GitHub Advisory (GHSA-6859-2qxq-ffv2): https://github.com/advisories/GHSA-6859-2qxq-ffv2