Security Advisory

CVE-2026-25212

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-02 00:00:00

Last updated 2026-04-02 17:39:21

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system.

← Browse all CVEs View on cve.org ↗