
Dbgate vulnerabilities

5 known vulnerabilities affecting dbgate/dbgate.

Total CVEs: 5
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 4

Vulnerabilities

CVE-2026-48017 | HIGH (P2) | CVSS 8.8 | fixed in 7.1.9 | 2026-06-15
CWE-94. DbGate is a cross-platform database manager. In versions 7.1.8 and prior, the POST /runners/load-reader endpoint in DbGate accepts a functionName parameter that is directly interpolated into a JavaScript code template without any sanitization or validation. An authenticated user (with basic access, no special permissions required) can inject arbitrary Ja
Source: nvd

CVE-2025-50184 | HIGH (P3) | CVSS 7.1 | fixed in 6.4.3-beta.8 | 2025-07-26
CWE-29. DbGate is a cross-platform database manager. In versions 6.4.3-premium-beta.5 and below, DbGate is vulnerable to a directory traversal flaw. The file parameter is not properly restricted to the intended uploads directory. As a result, the endpoint that lists files within the upload directory can be manipulated to access arbitrary files on the system. By
Source: nvd

CVE-2025-50185 | HIGH (P3) | CVSS 7.0 | affects ≤ 6.6.0 | 2025-07-26
CWE-29. DbGate is a cross-platform database manager. In versions 6.6.0 and below, DbGate allows unauthorized file access due to insufficient validation of file paths and types. A user with application-level access can retrieve data from arbitrary files on the system, regardless of their location or file type. The plugin fails to enforce proper checks on content
Source: nvd

CVE-2026-34725 | HIGH (P3) | CVSS 8.2 | affects >= 7.0.0, < 7.1.5 | 2026-04-02
CWE-79. DbGate is a cross-platform database manager. From version 7.0.0 to before version 7.1.5, a stored XSS vulnerability exists in DbGate because attacker-controlled SVG icon strings are rendered as raw HTML without sanitization. In the web UI this allows script execution in another user's browser; in the Electron desktop app this can escalate to local code ex
Source: nvd

CVE-2026-47669 | CRITICAL | affects ≥ 0, < 7.1.9 | 2026-06-05
CWE-22. DbGate: Zip Slip in archive/unzip allows arbitrary file write leading to RCE. The `unzipDirectory()` function in `packages/api/src/shell/unzipDirectory.js` (line 27) does not validate that extracted file paths stay within the output directory. A malicious ZIP with `../` entries writes files anywhere on the filesystem. In the default Docker deployment, DbGate runs as root and the `none`
Source: ghsa