pgAdmin 4 v9.16 Released

Posted on 2026-06-19 by pgAdmin Development Team

The pgAdmin Development Team is pleased to announce the release of pgAdmin 4 version 9.16. This release of pgAdmin 4 includes 64 bug fixes and new features, among them fixes for seven security vulnerabilities (CVE-2026-12044 through CVE-2026-12050). For more details, please see the release notes.

pgAdmin is the leading open-source graphical management tool for PostgreSQL. For more information, please see the website.

Notable changes in this release include:

Features

  • Colorize panel and tab headers based on the connected server's colour, making it easier to identify which server a tab belongs to at a glance.
  • Add a "Back to login" link to the Forgot Password and Reset Password pages.
  • Add support for the TOAST tuple target storage parameter in the Materialized View dialog.
  • Make the init container security context in the Helm chart configurable via containerSecurityContext.
  • Add support for closing a tab with a middle-click on its title.
  • Allow the OAuth2 login button icon to use any Font Awesome style, not only brand icons.

Security Fixes

  • Fix SQL injection across sixteen dialog templates that rendered COMMENT ON ... IS '<description>' with the description interpolated directly; the affected templates now pass the description through qtLiteral, and the stats calls now pass the relation OID via a ::oid::regclass cast (CVE-2026-12044).
  • Fix an AI Assistant read-only transaction bypass that allowed prompt-injected multi-statement payloads to commit out of the READ ONLY wrapper, chaining to RCE via COPY ... TO PROGRAM on a superuser connection (CVE-2026-12045).
  • Fix two SQL Editor endpoints that lacked the @pga_login_required decorator and were therefore reachable without authentication in server mode, exposing a pickle deserialization sink (CVE-2026-12046).
  • Fix HTML injection in the cloud deployment module (RDS, Azure, Google) where SDK exception text was forwarded to the browser unsanitised and rendered through html-react-parser (CVE-2026-12047).
  • Fix critical stored cross-site scripting where PostgreSQL server error text and Explain plan-node content passed through html-react-parser across notifier toasts, form errors, modal alerts, and the Explain visualiser; injected script could exfiltrate saved server credentials and issue SQL against every connected server (CVE-2026-12048).
  • Fix an open redirect in the multi-factor authentication flow via an unvalidated next parameter (CVE-2026-12049).
  • Fix SQL injection in the named restore point endpoint where the user-supplied restore point name was interpolated into SQL via str.format() instead of a bound parameter (CVE-2026-12050).
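As an added example (not pgAdmin's own code), the pattern behind CVE-2026-12044 in Python: a template that drops the description between hand-written quotes beside one that renders it through a literal-quoting helper standing in for qtLiteral. The `split_statements` tokenizer and the malicious description are constructed for this illustration only.

```python
# Added example, not pgAdmin's own code. Shows why COMMENT ON ... IS '<description>'
# built by string interpolation is injectable, and how quoting the value as a SQL
# literal (a simplified stand-in for pgAdmin's qtLiteral) keeps it inside the literal.

# Constructed attacker-controlled input, as typed into a dialog's Comment field.
MALICIOUS_DESCRIPTION = "x'; DROP TABLE accounts; --"

def quote_literal(value: str) -> str:
    """Quote a string as a PostgreSQL literal: double single quotes, and use an
    E'' string with doubled backslashes when backslashes are present so the
    result does not depend on the server's standard_conforming_strings setting."""
    if "\0" in value:
        raise ValueError("NUL byte cannot appear in a SQL literal")
    escaped = value.replace("'", "''")
    if "\\" in escaped:
        return "E'" + escaped.replace("\\", "\\\\") + "'"
    return "'" + escaped + "'"

def render_comment_unsafe(description: str) -> str:
    """Vulnerable pattern: the value is dropped between hand-written quotes."""
    return "COMMENT ON TABLE public.t IS '{d}';".format(d=description)

def render_comment_safe(description: str) -> str:
    """Fixed pattern: the value is rendered through quote_literal."""
    return "COMMENT ON TABLE public.t IS {d};".format(d=quote_literal(description))

def split_statements(sql: str) -> list:
    """Simplified tokenizer (assumption for this example): split on ';' outside quoted
    literals, honouring '' doubling, backslash escapes in E'' strings and -- comments."""
    stmts, buf, in_str, e_str, i = [], "", False, False, 0
    while i < len(sql):
        ch = sql[i]
        if in_str:
            if e_str and ch == "\\":                    # escaped char inside E'...'
                buf += sql[i:i + 2]; i += 2; continue
            if ch == "'" and sql[i + 1:i + 2] == "'":   # doubled quote stays in literal
                buf += "''"; i += 2; continue
            in_str = ch != "'"                          # lone quote closes the literal
        elif sql.startswith("--", i):                   # comment runs to end of line
            nl = sql.find("\n", i); i = len(sql) if nl < 0 else nl; continue
        elif ch == "'":
            in_str, e_str = True, sql[i - 1:i].upper() == "E"
        elif ch == ";":
            if buf.strip(): stmts.append(buf.strip())
            buf = ""; i += 1; continue
        buf += ch; i += 1
    if buf.strip():
        stmts.append(buf.strip())
    return stmts
```

The unsafe render yields two statements, the second being the injected DROP, while the safe render yields one COMMENT whose literal contains the whole input. The restore point fix (CVE-2026-12050) takes the other route the page mentions, a bound parameter, which avoids building the literal at all.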

Bugs/Housekeeping

  • Remove the administrator-role bypass from server-access helpers so the access-control checks added in 9.15 (CVE-2026-7813) are enforced uniformly.
  • Remove EDB BigAnimal cloud deployment support, which was deprecated in 9.15.
  • Preserve jsonb number representation in the JSON editor so trailing fractional zeros and large integers are no longer rewritten when saving unmodified rows.
  • Fix a View/Edit Data crash when the session contains a transaction object that is not filter-capable, which could prevent the desktop application from loading after an upgrade.
  • Rebase version-specific SQL templates so the default targets PostgreSQL 14, the oldest supported server version, dropping obsolete sub-14 template buckets.
  • Strip the foreign-architecture slice from the macOS bundle so single-arch builds no longer ship unused code.
  • Bump Electron to 42.3.3, cryptography to 49.0, and other Python and JavaScript dependencies.
  • Update the Italian translation.

Deprecations

  • pgAgent has been deprecated and will be discontinued. pgAgent will be removed from the website within one month, and support within pgAdmin will be removed approximately six months from now. Users are encouraged to migrate to an alternative job scheduling solution.

Builds for Windows and macOS are available now, along with a Python Wheel, Docker Container, RPM, DEB Package, and source code tarball from the download area.