CVE-2025-9636

Published: Sep 5, 2025
Updated: Sep 6, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-9636" target="_blank" rel="noopener"> CVE-2025-9636
GHSA: <a href="https://github.com/advisories/GHSA-6859-2qxq-ffv2" target="_blank" rel="noopener"> GHSA-6859-2qxq-ffv2
Severity: High
Exploit:

pgAdmin <= 9.7 is affected by a Cross-Origin Opener Policy (COOP) vulnerability. This vulnerability allows an attacker to manipulate the OAuth flow, potentially leading to unauthorised account access, account takeover, data breaches, and privilege escalation.