CVE-2025-9636
published 2025-09-04

Priority: P3 44 | Severity: high 7.9 (CVSS 3.1)
Vector: AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L
EPSS: 0.21% (11.6th percentile)

pgAdmin <= 9.7 is affected by a Cross-Origin Opener Policy (COOP) vulnerability. This vulnerability allows an attacker to manipulate the OAuth flow, potentially leading to unauthorised account access, account takeover, data breaches, and privilege escalation.

Affected

2 ranges
Vendor       Product    Version range  Fixed in
pgadmin.org  pgadmin_4  < 9.8          9.8
pgadmin      pgadmin_4  <= 9.7