CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-25892

Adminer is open-source database management software. Adminer v5.4.1 and earlier has a version check mechanism where adminer.org sends signed version info via JavaScript postMessage, which the browser then POSTs to ?script=version. This endpoint lacks origin validation and accepts POST data from any source. An attacker can POST version[] parameter which PHP converts to an array. On next page load, openssl_verify() receives this array instead of string and throws TypeError, returning HTTP 500 to all users. Upgrade to Adminer 5.4.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.9%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2026-25892

Adminer » Adminer » Version: 4.10

cpe:2.3:a:adminer:adminer:4.10
Adminer » Adminer » Version: 4.11

cpe:2.3:a:adminer:adminer:4.11
Adminer » Adminer » Version: 4.12

cpe:2.3:a:adminer:adminer:4.12
Adminer » Adminer » Version: 4.13

cpe:2.3:a:adminer:adminer:4.13
Adminer » Adminer » Version: 4.14

cpe:2.3:a:adminer:adminer:4.14
Adminer » Adminer » Version: 4.16.0

cpe:2.3:a:adminer:adminer:4.16.0
Adminer » Adminer » Version: 4.17.0

cpe:2.3:a:adminer:adminer:4.17.0
Adminer » Adminer » Version: 4.17.1

cpe:2.3:a:adminer:adminer:4.17.1
Adminer » Adminer » Version: 4.6.2

cpe:2.3:a:adminer:adminer:4.6.2
Adminer » Adminer » Version: 4.6.3

cpe:2.3:a:adminer:adminer:4.6.3
Adminer » Adminer » Version: 4.7.0

cpe:2.3:a:adminer:adminer:4.7.0
Adminer » Adminer » Version: 4.7.1

cpe:2.3:a:adminer:adminer:4.7.1
Adminer » Adminer » Version: 4.7.2

cpe:2.3:a:adminer:adminer:4.7.2
Adminer » Adminer » Version: 4.7.3

cpe:2.3:a:adminer:adminer:4.7.3
Adminer » Adminer » Version: 4.7.4

cpe:2.3:a:adminer:adminer:4.7.4
Adminer » Adminer » Version: 4.7.5

cpe:2.3:a:adminer:adminer:4.7.5
Adminer » Adminer » Version: 4.7.6

cpe:2.3:a:adminer:adminer:4.7.6
Adminer » Adminer » Version: 4.7.7

cpe:2.3:a:adminer:adminer:4.7.7
Adminer » Adminer » Version: 4.7.8

cpe:2.3:a:adminer:adminer:4.7.8
Adminer » Adminer » Version: 4.7.9

cpe:2.3:a:adminer:adminer:4.7.9
Adminer » Adminer » Version: 4.8.0

cpe:2.3:a:adminer:adminer:4.8.0
Adminer » Adminer » Version: 4.8.1

cpe:2.3:a:adminer:adminer:4.8.1
Adminer » Adminer » Version: 4.8.2

cpe:2.3:a:adminer:adminer:4.8.2
Adminer » Adminer » Version: 4.9

cpe:2.3:a:adminer:adminer:4.9
Adminer » Adminer » Version: 4.9.1

cpe:2.3:a:adminer:adminer:4.9.1
Adminer » Adminer » Version: 4.9.2

cpe:2.3:a:adminer:adminer:4.9.2
Adminer » Adminer » Version: 4.9.3

cpe:2.3:a:adminer:adminer:4.9.3
Adminer » Adminer » Version: 4.9.4

cpe:2.3:a:adminer:adminer:4.9.4
Adminer » Adminer » Version: 5.0.0

cpe:2.3:a:adminer:adminer:5.0.0
Adminer » Adminer » Version: 5.0.1

cpe:2.3:a:adminer:adminer:5.0.1
Adminer » Adminer » Version: 5.0.2

cpe:2.3:a:adminer:adminer:5.0.2
Adminer » Adminer » Version: 5.0.3

cpe:2.3:a:adminer:adminer:5.0.3
Adminer » Adminer » Version: 5.0.4

cpe:2.3:a:adminer:adminer:5.0.4
Adminer » Adminer » Version: 5.0.5

cpe:2.3:a:adminer:adminer:5.0.5
Adminer » Adminer » Version: 5.0.6

cpe:2.3:a:adminer:adminer:5.0.6
Adminer » Adminer » Version: 5.1.0

cpe:2.3:a:adminer:adminer:5.1.0
Adminer » Adminer » Version: 5.1.1

cpe:2.3:a:adminer:adminer:5.1.1
Adminer » Adminer » Version: 5.2.0

cpe:2.3:a:adminer:adminer:5.2.0
Adminer » Adminer » Version: 5.2.1

cpe:2.3:a:adminer:adminer:5.2.1
Adminer » Adminer » Version: 5.3.0

cpe:2.3:a:adminer:adminer:5.3.0
Adminer » Adminer » Version: 5.4.0

cpe:2.3:a:adminer:adminer:5.4.0
Adminer » Adminer » Version: 5.4.1

cpe:2.3:a:adminer:adminer:5.4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-25892

Products

Pricing

Contact Us