pgAdmin 4 v9.16 Released: Security Fixes, UI Enhancements, and More

PostgreSQL · 19 Jun 2026 · 2 min read

#postgresql

The pgAdmin Development Team has released pgAdmin 4 v9.16, the latest version of the leading open-source graphical management tool for PostgreSQL. This release includes 64 bug fixes and addresses seven security vulnerabilities (CVE-2026-12044 through CVE-2026-12050). Key updates focus on UI customization, security hardening, and improved workflows.

Notable Changes

  • Color-coded panel and tab headers: Tabs now display the connected server's color, enabling quick visual identification of which server a tab belongs to.
  • "Back to login" link: Added to the Forgot Password and Reset Password pages for easier navigation.
  • TOAST tuple target storage parameter: Now supported in the Materialized View dialog (toast_tuple_target), giving more control over storage behavior.
  • Helm chart containerSecurityContext: The init container's security context is now configurable via containerSecurityContext, enhancing Kubernetes deployment flexibility.
  • Middle-click tab closure: Users can close a tab by clicking its title with the middle mouse button, matching common browser behavior.
  • OAuth2 login button icon: Now supports any Font Awesome style, not just brand icons, allowing broader icon customization.
  • Security fixes: Resolved SQL injection vulnerabilities across sixteen dialog templates that rendered COMMENT ON ... IS ' '; affected templates now use qtLiteral and rewritten stats queries.

Why It Matters for Developers

These updates improve both developer productivity and security posture. The color-coded tabs and middle-click closure streamline multi-server management, while the TOAST parameter support offers finer-grained storage tuning. The SQL injection fixes are critical for any organization using pgAdmin in production environments, as they eliminate a class of attack vectors in common dialog interactions. Configurable container security contexts also make pgAdmin more adaptable to modern, secure Kubernetes deployments.

Source: https://www.postgresql.org/about/news/pgadmin-4-v916-released-3324/

Related

auto-curated · source linked above ← all news