A severe Remote Code Execution (RCE) vulnerability in pgAdmin (CVE-2025-2945), the popular PostgreSQL database management tool, has been patched after researchers discovered attackers could hijack servers through malicious API requests.
The flaw affects pgAdmin versions ≤9.1 and allows authenticated users to execute arbitrary commands on affected systems.
https://gbhackers.com/critical-pgadmin-flaw/