pgAdmin

What's new in this version:

New features:
- Added an option to colourize panel and tab headers based on the connected server’s colour, making it easier to tell which server a tab is connected to at a glance
- Allow the OAuth2 login button icon to use any Font Awesome style (e.g. fas fa-key), not only brand icons
- Added a “Back to login” link to the Forgot Password and Reset Password pages
- Add support for the TOAST tuple target storage parameter in the Materialized View dialog
- Make the init container security context in the Helm chart configurable via containerSecurityContext, consistent with the main container
- Add support for closing a tab with a middle-click on its title

Housekeeping:
- Correct the macOS Replace keyboard shortcut documented in the Query Tool toolbar reference
- Fix a typo in the PGPASS_FILE environment-variable documentation and clarify its behaviour
- Update the Italian translation
- Bump Electron in the desktop runtime from 41.5.0 to 42.1.0 and pin the packaged Electron version.
- Clarify the SSH tunnel “Prompt for identity file password?” switch label and help text to indicate it applies only to identity-file authentication.
- Document the Kubernetes init-container tag-mismatch and RollingUpdate hazards on shared data volumes.
- Remove the EDB BigAnimal cloud deployment support
- Bump JavaScript and Python third-party dependencies, including cryptography, axios, shell-quote, and assorted dependabot lockfile updates
- Bump vulnerable transitive dependencies (tar, flatted) to clear security advisories.
- Rebase the version-specific SQL templates so the default targets PostgreSQL 14, the oldest supported server version, dropping the obsolete sub-14 template buckets.
- Strip the foreign-architecture slice from the macOS bundle so single-arch builds no longer ship the universal2 Python framework’s unused arm64/x86_64 code
- Update the Italian translation for v9.16

Fixed:
- Fix the infinite loading spinner after an idle database connection is silently dropped, by detecting stale connections and offering a reconnect dialog
- Fixed an issue where preferences set via the CLI (setup.py set-prefs) were not validated, so invalid values were stored silently; CLI preference values are now validated against the preference type and rejected (and reported) if invalid.
- Fix the Query Tool turning into a blank white screen when the runtime has a malformed default locale, by guarding the Query History date/time formatting against the resulting RangeError.
- Fixed an error (“i.default.find(…) is undefined”) that prevented deleting a table or relationship link in the ERD tool when a foreign key referenced a column that had been renamed
- Fixed an issue in the Create Table dialog where renaming a column did not update the column references in foreign key and unique constraint definitions for the new table
- Fix the Query Tool re-prompting for an unsaved password in a loop and rejecting the re-entered password, by caching the entered password on the server manager when the primary connection is already established
- Fixed an issue where the object breadcrumbs popup blocked clicks on the object explorer items beneath it
- Fix missing ALTER … SET DEFAULT statements for inherited columns in the generated table SQL/EDIT script
- Fix the Unlogged table toggle in table properties not generating any ALTER TABLE … SET LOGGED/UNLOGGED statement
- Ensure pgAdmin uses psycopg3 rather than psycopg2 when connecting to the configuration database via PGADMIN_CONFIG_CONFIG_DATABASE_URI
- Fix a View/Edit Data crash when the session contains a transaction object that is not filter-capable (e.g. left by the Query Tool or persisted by an older version), which could prevent the desktop application from loading after an upgrade
- Fix the “Cannot read properties of undefined (reading ‘map’)” crash in the desktop runtime when a menu refresh is triggered before the application menus have been received
- Fixed an issue where a server’s custom foreground colour was not applied to the object counts (children count) and column type labels shown in the object explorer
- Optimise pgAdmin startup time by replacing the fixed server-ping interval with adaptive pinging that backs off when no servers are configured
- Fixed an issue where generated font and image filenames contained a double dot (e.g. Roboto-Bold..ttf) due to the webpack asset filename template
- Fix tool calls failing against OpenAI-compatible providers that emit empty/null name, arguments, or id fields in streaming continuation deltas
- Fixed installation on Python 3.9 (e.g. RHEL/Rocky/AlmaLinux 8 and 9) failing with “No module named ‘pkg_resources’” by pinning setuptools below the version that dropped pkg_resources for Python 3.9
- Fix the JSON editor stripping trailing fractional zeros (e.g. 10.00) and rewriting large integers in jsonb values, which corrupted unmodified numbers when saving
- Fixed a regression where the rectangular (block/column) text selection in the code editor stopped working; restored the default Alt+drag selection without re-introducing the crosshair cursor on Alt+F5
- Warn before opening a very large JSON/JSONB value in the data grid cell editor, which could freeze pgAdmin, and let the user choose whether to proceed
- Fixed an issue where EXPLAIN and EXPLAIN ANALYZE failed to execute when blank lines separated clauses in the SQL query
- Use the ServerManager’s passfile for the credential gate in connect() so the check matches the passfile actually used for the connection, and warn on conflicting passfile/passexec settings
- Fix blank difference counts on the top-level group rows in Schema Diff
- Fix invalid DDL reconstruction for SERIAL columns in Schema Diff and the generated SQL/CREATE Script so the output round-trips on a clean target
- Remove the administrator-role bypass from the server-access helpers so the access-control checks added in 9.15 (CVE-2026-7813) are enforced uniformly. The Administrator role manages pgAdmin itself, not other users’ database connections.
- Fix “Illegal instruction” crash on startup of the Linux DEB and RPM packages on older x86_64 CPUs by pinning the psycopg C extension build to the x86-64 baseline.
- Fix the AI panel silently falling back to the default provider when a custom LLM API URL or key file was set, and allow self-hosted LLM endpoints on any loopback port.
- Fix saving a newly-added row in the Query Tool failing when the result set includes expression or alias columns that are not real columns of the underlying table.
- Ship libpq-oauth-18.so and libcurl in the Docker image so PostgreSQL 18 OAuth connections work out of the box
- Fix a startup migration crash (NoSuchTableError) when an old configuration database contains a stale foreign-key reference
- Fix the Docker entrypoint mishandling a quoted PGADMIN_CONFIG_CONFIG_DATABASE_URI, which caused a SQLAlchemy parse error and silently skipped PGADMIN_DEFAULT_EMAIL/PASSWORD setup
- Make CAP_NET_BIND_SERVICE optional in the Docker image so the container works on restricted runtimes that disable that capability
- Fix “AttributeError: ‘PgAdmin’ object has no attribute ‘login_manager’” crash when running setup.py user-management commands (add-user, update-user) from the CLI
- Provide an actionable error when ‘openid’ is in OAUTH2_SCOPE but OAUTH2_SERVER_METADATA_URL is not set, instead of a cryptic Authlib failure
- Fix pg_attribute filtering by attname returning the wrong attnum when the same column name exists in multiple tables
- Fix AI Assistant read-only transaction bypass that allowed prompt-injected multi-statement payloads to commit out of the READ ONLY wrapper and execute arbitrary SQL, chaining to RCE via COPY … TO PROGRAM on a superuser connection
- Fix SQL injection in the named restore point endpoint where the user-supplied restore point name was interpolated into SQL via str.format() instead of being passed as a bound parameter
- Fix the spurious “Crypt key is missing” error and logged traceback in the Query Tool new-connection endpoints after a backend restart, by surfacing it as the standard CRYPTKEY_MISSING response so the client recovers transparently.
- Fix open redirect in the multi-factor authentication flow via an unvalidated ‘next’ parameter that allowed a crafted link to redirect an authenticated victim to an attacker-controlled host (CVE-2026-12049). Reported by Mai Phạm Hiền.
- Fixed a regression where the rectangular (block/column) text selection in the code editor stopped working; restored the default Alt+drag selection without re-introducing the crosshair cursor on Alt+F5
- Accept prepare and binary keyword arguments in DictCursor.execute() so callers using the modern psycopg API no longer raise TypeError.
- Fix the generated SQL for editing a SQL-language function/procedure whose body contains the word “return” (e.g. a RETURNING clause), which was wrongly treated as a SQL-standard body and produced a statement without the AS $BODY$ wrapper.
- Fix critical stored cross-site scripting where PostgreSQL server error text and Explain plan-node content passed through html-react-parser across notifier toasts, form errors, modal alerts, and the Explain visualiser. Because pgAdmin’s default Content-Security-Policy allows inline script and an iframe srcdoc inherits the embedding origin, the injected JavaScript ran same-origin to the victim’s authenticated pgAdmin session and could read every saved server connection credential and issue arbitrary SQL against every server the victim was connected to (CVE-2026-12048). Reported by Fernando Bortotti.
- Fix HTML injection in the cloud deployment module (RDS, Azure, Google) where SDK exception text was forwarded to the browser unsanitised and rendered through html-react-parser in the Cloud Wizard. Reported by Fernando Bortotti.
- Fix two SQL Editor endpoints (close and update_connection) missing the @pga_login_required decorator, making them reachable without authentication in server mode and exposing a pickle deserialization sink. Reported by Fernando Bortotti.
- Fix SQL injection across sixteen dialog templates that rendered COMMENT ON ... IS '<description>' and the related pgstattuple/pgstatindex stats sinks, where a low-privilege user could plant a table or index name containing an apostrophe and a superuser viewing statistics on the object would trigger SQL execution under the superuser role. The fix switches the affected templates to the qtLiteral escape filter and rewrites the pgstattuple/pgstatindex calls to address the relation via OID with a ::oid::regclass cast, eliminating the embedded string-literal call form entirely. Also hardens qtLiteral to raise instead of silently returning raw values when conn is falsy