Main Vulnerability Database Exploits ID:12084 - Exploit for Code Injection in PostgreSQL - CVE-2025-8714

ID:12084 - Exploit for Code Injection in PostgreSQL - CVE-2025-8714

Published: November 7, 2025

Vulnerability identifier: #VU114095

Vulnerability risk: Low

CVE-ID: CVE-2025-8714

CWE-ID: CWE-94

Exploitation vector: Remote access

Vulnerable software:
PostgreSQL

Link to public exploit:

https://github.com/orderby99/CVE-2025-8714-POC

Vulnerability description

The vulnerability allows a remote user to execute arbitrary psql code on the target system.

The vulnerability exists due to improper input validation in pg_dump. A malicious superuser of the origin server to inject arbitrary psql code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands, such as pg_dump, pg_dumpall, and pg_restore.

Remediation

Install updates from vendor's website.

ID:12084 - Exploit for Code Injection in PostgreSQL - CVE-2025-8714

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human